>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

NO-14Card Processing Environment Segmentation

>Control Description

Where applicable, Organization segregates the Primary Account Number (PAN) infrastructure including payment card collection devices; Organization limits access to the segregated environment to authorized personnel.

Theme

Process

Type

Preventive

Policy/Standard

Network Security Standard

>Implementation Guidance

1. Ensure that a process is defined and documented for segregating PCI Environment from non-PCI environment. 2. Ensure that network segmentation testing is performed on a semi-annual basis. 3. Ensure that the Data flow and architecture diagram is updated periodically and reviewed by required officials.

>Testing Procedure

1. Inspect and validate whether a process is defined and documented for segregating PCI Environment from non-PCI environment. 2. Validate whether network segmentation testing was performed on a semi annual basis. 3. Validate whether the Data flow and architecture diagram were updated periodically and were approved.

>Audit Artifacts

E-NO-01
E-NO-15
E-NO-17
E-NO-14

>Framework Mappings

Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.

PCI DSS
1

6.5.3

Ask AI

Configure your API key to use AI features.