Having an official policy is a key requirement of running a secure, PCI-compliant firm. If you haven't documented your firm's security policy yet, we're here to help you get it done.
This free sample policy provides a great starting point, and you can adapt it to meet your firm's unique needs.
The document addresses:
- Ethics and acceptable use
- Protecting stored data
- Restricting access to data
- Security awareness and procedures
- Incident response plan
- and more...