>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

12.3.2A targeted risk analysis is performed for each PCI DSS requirement that the entity meets with the customized approach, to include: Documented evidence detailing each element specified in Appendix B: Guidance and Instructions for Using Customized Approach (including, at a minimum, a controls matrix and risk analysis).

>Requirement Description

A targeted risk analysis is performed for each PCI DSS requirement that the entity meets with the customized approach, to include: Documented evidence detailing each element specified in Appendix B: Guidance and Instructions for Using Customized Approach (including, at a minimum, a controls matrix and risk analysis). Approval of documented evidence by senior management. Performance of the targeted analysis of risk at least once every 12 months. Applicability Notes This only applies to entities using a Customized Approach.

>Cross-Framework Mappings

NIST CSF 2.0

via NIST OLIR Catalog
GV.RM-06
Compare
ID.RA-07
Compare

SCF

RSK-01.1
Compare
RSK-03
Compare
RSK-04
Compare
RSK-04.1
Compare
RSK-06.2
Compare
RSK-07
Compare

Ask AI

Configure your API key to use AI features.