[PCI DSS 3.0] 12.1 Establish, publish, maintain, and disseminate a security policy.

Discussion in 'Requirement 12: Maintain a policy that addresses information security for all personnel' started by pcinetwork, Dec 31, 2013.

  1. pcinetwork

    pcinetwork PCINetwork.org Admin

    12.1 Establish, publish, maintain, and disseminate a security policy.

    12.1 Examine the information security policy and verify that the policy is published and disseminated to all relevant personnel (including vendors and business partners).

    A company's information security policy creates the roadmap for implementing security measures to protect its most valuable assets. All personnel should be aware of the sensitivity of data and their responsibilities for protecting it.
  2. CyberSecurityAgency

    CyberSecurityAgency New Member

    It is absolutely urgent that your company has an information security policy. This directs how your employees perform tasks securely and typically includes a policy on how the employees will be trained in secure workplace practices. Employees (humans) are the weakest link in the security chain. Our clients constantly tell us of the information insecurity that their inadequately trained personnel have caused for them. Employee Security Trainings can be provided on site at your place of business and take a low amount of time and resources to create a big impact on your company's security posture.

    Scott D.
    Cyber Security Agency
