PCI DSS · Maintain an information security policy
Req. 12 Support information security with organizational policies and programs
Maintain an information security policy and programme that supports the secure handling of cardholder data.
Mapped across 10 provisions
Equivalent and related requirements in other frameworks and regulations.
- NIST CSF 2.0 · Partial · Official mapping
Source: PCI DSS v4.0 / NIST CSF 2.0
GV.OC-01 Organizational mission and security role understood
Governance and security policy
- CCPA / CPRA · Related · Curated · §1798.100 Consumers' right to know and notice at collection
Governance and security policy
- DORA · Related · Curated · Art. 6 ICT risk management framework
Governance and security policy
- GDPR · Related · Curated · Art. 25 Data protection by design and by default
Governance and security policy
- GLBA · Related · Curated · §314.4(a) Designate a qualified individual
Governance and security policy
- ISO 27001 · Related · Curated · A.5.1 Policies for information security
Governance and security policy
- LGPD · Related · Curated · Art. 50 Good practices and governance rules
Governance and security policy
- NIS2 · Related · Curated · Art. 21(2)(a) Risk analysis and information system security policies
Governance and security policy
- NIST 800-53 · Related · Curated · PM-1 Information security program plan
Governance and security policy
- SOC 2 · Related · Curated · CC1.1 Integrity and ethical values
Governance and security policy