[PCI DSS 3.0] [PCI DSS 3.0] 3.7 Ensure that security policies and operational procedures for protecting stored cardholder data a

pcinetwork

PCINetwork.org Admin
#1
3.7 Ensure that security policies and operational procedures for protecting stored cardholder data are documented, in use, and known to all affected parties.

3.7 Examine documentation interview personnel to verify that security policies and operational procedures for protecting stored cardholder data are:
• Documented,
• In use, and
• Known to all affected parties.

Personnel need to be aware of and following security policies and documented operational procedures for managing the secure storage of cardholder data on a continuous basis.
 
Top