What Audit Policies are required for PCI DSS compliance? RRS feed

  • Question

  • I am looking for a list of recommended Security Audit policies for PCI DSS compliance that I can use as a starting point.  I've looked for hours and read a lot, but have not found anything resembling a simple list.  Can someone please point me in the right direction?

    For background, our company operates stores that use a single Windows 7 SP1 "server" and  multiple POS terminals in each store.  There are no domains involved and the server and terminals are all part of a local WORKGROUP.  We are not required to audit on the terminals - just the Windows 7 SP1 "server".

    I have downloaded Microsoft Security Compliance Manager 4.0 and will install that in one store after hours and that may help me develop policies.  But I would sure appreciate seeing a list before hand.

    Thanks in advance!

    Ken Morley

    Thursday, June 6, 2019 2:45 PM