Return to course: Requirement 12: An overview of the Information Security Policy and Supporting Security Policies and Programs
Previous Lesson
Previous
Next
Next Section
Requirement 12: An overview of the Information Security Policy and Supporting Security Policies and Programs
Information Security Policy and Acceptable Use Policy
Requirement 12.1 and 12.2
Test your understanding of 12.1 and 12.2
Target Risk Analysis and PCI Compliance Program
Requirement 12.3 and 12.4
Test your understanding of requirements 12.3 and 12.4
Scope, Security Awareness Training, and HR Background Checks
Requirements 12.5, 12.6, and 12.7
Test your understand of 12.5, 12.6, and 12.7
Third Part Service Providers
Requirements 12.8 and 12.9
Test your understanding of requirements 12.8 and 12.9
Incident Response Plan
Requirement 12.10
Test your understanding of requirement 12.10
Test your understanding of requirements 12.8 and 12.9
Merchants must maintain a list of their Third Party Service Providers (TPSPs) along with a description of service(s) the TPSP is providing
*
True
False
Merchants must maintain written agreements (contracts, MSAs) where the TPSP acknowledges their responsibility for the security of account data that TPSP stores, processes, or transmits or could impact security of the CDE
*
True
False
Vetting or performing due diligence prior to engaging TPSP is not required
*
True
False
Merchants must monitor TPSPs PCI DSS compliance at least every 6 months
*
True
False
Merchants must maintain information that shows what requirements the TPSP is responsible for, what requirements the merchant is responsible for and what requirements have a shared responsibility
*
True
False
TPSPs must support their customers’ PCI DSS compliance
*
True
False
TPSPs must provide their ______________ upon customer request
*
proof of insurance
business license
PCI DSS compliance status
food order
TPSPs must provide information that shows what requirements the TPSP is responsible for, what requirements the merchant is responsible for and what requirements have a shared responsibility
*
True
False