[PCI DSS 3.0] [PCI DSS 3.0] 12.6.2 Require personnel to acknowledge at least annually that they have read and understood the sec

pcinetwork

PCINetwork.org Admin
#1
12.6.2 Require personnel to acknowledge at least annually that they have read and understood the security policy and procedures.

12.6.2 Verify that the security awareness program requires personnel to acknowledge, in writing or electronically, at least annually, that they have read and understand the information security policy.

Requiring an acknowledgement by personnel in writing or electronically helps ensure that they have read and understood the security policies/procedures, and that they have made and will continue to make a commitment to comply
with these policies.
 
Top