In version 4.0, all periodic cadence requirements must be justified with a targeted risk analysis. Also, if the customized approach is used to validate compliance with a requirement, a targeted risk analysis must be performed.
Join Viviana Wesley to learn how to conduct a targeted risk analysis using the duty of care risk analysis method that litigators and regulators expect to see in risk assessments.
PCI Webinar Series
Session 1
Preparing for Your Transition to PCI DSS v4.0
Session 2
A Deep Dive into the New 4.0 DSS Requirements that are Applicable Immediately
Session 3
A Deep Dive into the Emerging New 4.0 DSS Requirements that are Due by March 2025
Session 5
SAQ Comparison Summaries | June 1, 2023, Thursday | 11am Central
PCI DSS Requirements
PCI DSS Requirement 5.4.1: Anti-spoofing controls such as Domain-based Message Authentication, Reporting and Conformance (DMARC), Sender Policy Framework (SPF), and DomainKeys Identified Mail (DKIM) can help stop phishers from spoofing the entity’s domain and impersonating personnel.
Clarification on eCommerce Outsourcing PCI DSS requirements 6.4.3 and 11.6.1
Unpacking the New PCI DSS Password Standards
Is Your Organization Prepared for PCI DSS Automation – Requirement 10.4.1.1?
What is the PCI DSS v4 Authenticated Scanning Mandate – Requirement 11.3.1.2?
What is the PCI DSS v4.0.1 Requirement for PoLP – Requirement 7.2.5?
The New PCI DSS v4.0.1 Software Catalog Mandate – Requirement 6.3.2