Internal Controls

Internal Controls explain the activities we perform at our organisation to deal with Risks and Compliance Requirements. We document what they do, how we test them and what Policies, Standards and Procedures govern them.

Current Internal Controls: 60 (0%)
New Internal Controls: 0 (0%)
Updated Internal Controls: 0 (0%)

Title: Cardholder Data DMZ

Objective: Ensure systems that manage or store cardholder data are protected by a DMZ.

Audit Methodology:

Evidence:
- Cardholder Diagram
- Configurations of the firewalls involved

Analysis:
- Ensure cardholder systems are behind a DMZ
- Ensure traffic in and out is limited to needed hosts / networks

Output:
- Firewall configurations highlighting any rule outside what is strictly needed

Audit Success Criteria: All cardholder systems must be behind a DMZ network and firewall, and traffic in and out must be denied except what is needed.

Maintenance Task: NA

Policies: Network Diagram