Entity ensures that network traffic to and from untrusted networks passes through a policy enforcement point; firewall rules are established in accordance with identified security requirements and business justifications.
Entity maintains and periodically updates the data flow documentation to describe storage, processing, or transmission of CHD.
Entity maintains a key architecture document describing the cryptographic architecture in use.
Entity ensures that cryptographic keys are rotated, suspended, or destroyed as per the encryption policy.
Entity ensures that cryptographic keys are generated using industry-accepted cryptographic libraries and algorithms.
Entity identifies vulnerabilities in the code of the in-scope application through the execution of regular vulnerability scans.