VM-02—Vulnerability Scans: Cardholder Data Environment
>Control Description
Theme
Type
Policy/Standard
Vulnerability Management Policy
>Implementation Guidance
1. Ensure that the requirements for quarterly vulnerability scans against the cardholder data environment are defined and documented.
2. Ensure a process is established to initiate a scan after every significant change.
3. Ensure all critical vulnerabilities are tracked to resolution and confirmed via a rescan.
>Testing Procedure
1. Inspect and validate whether the requirements for quarterly vulnerability scans against the cardholder data environment are defined and documented.
2. Validate that a process is established to initiate a scan after every significant change.
3. Validate for a sample critical vulnerability whether it was tracked to resolution and confirmed via a rescan.
>Audit Artifacts
>Framework Mappings
Cross-framework mappings provided by Adobe CCF Open Source under Creative Commons License.