>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

12.3.4Hardware and software technologies in use are reviewed at least once every 12 months, including at least the following: Analysis that the technologies continue to receive security fixes from vendors promptly.

>Requirement Description

Hardware and software technologies in use are reviewed at least once every 12 months, including at least the following: Analysis that the technologies continue to receive security fixes from vendors promptly. Analysis that the technologies continue to support (and do not preclude) the entity’s PCI DSS compliance. Documentation of any industry announcements or trends related to a technology, such as when a vendor has announced “end of life” plans for a technology. Documentation of a plan, approved by senior management, to remediate outdated technologies, including those for which vendors have announced “end of life” plans. Applicability Notes This requirement is a best practice until 31 March 2025, after which it will be required and must be fully considered during a PCI DSS assessment.

>Cross-Framework Mappings

NIST CSF 2.0

via NIST OLIR Catalog
DE.AE-07
Compare
GV.OV-02
Compare
GV.OV-03
Compare
GV.RM-03
Compare
GV.RM-06
Compare
GV.SC-03
Compare
GV.SC-09
Compare
GV.SC-10
Compare
ID.AM-08
Compare
ID.IM-01
Compare
PR.PS-02
Compare
PR.PS-03
Compare

SCF

CFG-03.1
Compare
SEA-02.3
Compare
SEA-07.1
Compare

Ask AI

Configure your API key to use AI features.