My WebLink
|
Help
|
About
|
Sign Out
Home
Browse
Search
Item 23 - City-wide Cashiering Software and Hardware Upgrades
Clerk
>
Agenda Packets / Staff Reports
>
City Council (2004 - Present)
>
2023
>
02/07/2023 Regular & HA
>
Item 23 - City-wide Cashiering Software and Hardware Upgrades
Metadata
Thumbnails
Annotations
Entry Properties
Last modified
8/11/2023 10:02:05 AM
Creation date
8/11/2023 10:01:43 AM
Metadata
Fields
Template:
City Clerk
Doc Type
Agenda Packet
Agency
Clerk of the Council
Item #
23
Date
2/7/2023
There are no annotations on this page.
Document management portal powered by Laserfiche WebLink 9 © 1998-2015
Laserfiche.
All rights reserved.
/
90
PDF
Print
Pages to print
Enter page numbers and/or page ranges separated by commas. For example, 1,3,5-12.
After downloading, print the document using a PDF reader (e.g. Adobe Reader).
View images
View plain text
<br />Part 2g. Summary of Requirements Tested <br />For each PCI DSS Requirement, select one of the following: <br />• <br />• <br />• <br />Full – The requirement and all sub-requirements of that requirement were assessed, and no sub- <br />requirements were marked as “Not Tested” or “Not Applicable” in the ROC. <br />Partial – One or more sub-requirements of that requirement were marked as “Not Tested” or “Not <br />Applicable” in the ROC. <br />None – All sub-requirements of that requirement were marked as “Not Tested” and/or “Not Applicable” <br />in the ROC. <br />For all requirements identified as either “Partial” or “None,” provide details in the “Justification for Approach” <br />column, including: <br />•Details of specific sub-requirements that were marked as either “Not Tested” and/or “Not Applicable” in <br />the ROC <br />•Reason why sub-requirement(s) were not tested or not applicable <br />Note: One table to be completed for each service covered by this AOC. Additional copies of this section are <br />available on the PCI SSC website. <br />Name of Service Assessed:Payment Gateway Service <br />Details of Requirements Assessed <br />Justification for Approach <br />PCI DSS <br />Requirement <br />(Required for all “Partial” and “None” responses. Identify which <br />sub-requirements were not tested and the reason.)Full Partial None <br />Requirement 1:☒☐ <br />☒ <br />☐ <br />☐Requirement 2: <br />Requirement 3: <br />☐2.1.1 – No in-scope wireless <br />2.2.3 – No insecure services, protocols, or daemons <br />2.6 – Not a shared hosting provider <br />☐☒☐3.4.1 – No FDE in use <br />3.6 – No shared keys for transmission of CHD <br />3.6.6 – No manual clear-text key-management <br />Requirement 4: <br />Requirement 5: <br />Requirement 6: <br />Requirement 7: <br />Requirement 8: <br />Requirement 9: <br />☐ <br />☒ <br />☐ <br />☒ <br />☐ <br />☐ <br />☒ <br />☐ <br />☒ <br />☐ <br />☒ <br />☒ <br />☐ <br />☐ <br />☐ <br />☐ <br />☐ <br />☐ <br />4.1.1 – No in-scope wireless <br />6.4.6 – No significant changes <br />8.5.1 – No remote access to customer premises <br />9.5.1 – CHD is never backed up to removable media <br />9.6 – CHD is never backed up to removable media <br />9.6.[2-3] – CHD is never backed up to removable <br />media <br />PCI DSS v3.2.1 Attestation of Compliance for Onsite Assessments – Service Providers, Rev. 1.0 <br />© 2006-2018 PCI Security Standards Council, LLC. All Rights Reserved. <br />June 2018 <br />Page 7
The URL can be used to link to this page
Your browser does not support the video tag.