thePCI Portal

Prioritized Approach is now updated for 3.1

The Prioritized Approach is now updated for 3.1

We have a fresh “Prioritized Approach for PCI DSS Version 3.1” and “Prioritized Approach Tool Version 3.1” worksheet today.

Prioritized Approach for PCI DSS Version 3.1” is still a PDF doc that introduces the concept.

And the “Prioritized Approach Tool Version 3.1” is still a (edit password protected!) Microsoft Excel worksheet.

pci prioritized tool protection

The only differences I have noted so far in the worksheet tool from Nov 2014 V3 are:

  • Column A width is reduced.  (More scrolling now!)
  • Requirement 6.5.6 does not call out requirement 6.5.10 (broken authentication session management) as being applicable to web apps and application interfaces.
  • V3.1 has an extra row (row 92) to remind us that requirements 6.5.1 through 6.5.6 apply to all applications (internal and external)
  • Rebecca Watris  is added as author in the metadata.
  • and of course, SSL/TLS clarification in requirements 2.2.3 and 2.3.

Just housekeeping?  Let me know what I missed.

Ad below this line:

 

4 comments for “Prioritized Approach is now updated for 3.1

  1. August 22, 2015 at 5:22 pm

    You are looking sharp !

    • shawn@lukaschuk.com
      September 17, 2015 at 3:00 pm

      Are you controlling my webcam? SL.

  2. September 30, 2015 at 10:23 am

    I used to be very happy to find this web site. I wanted to thanks for your time fo this wonderful read !!

    • thePCIportal
      December 4, 2015 at 4:17 pm

      I used to be happy too. S.

Leave a Reply

Your email address will not be published. Required fields are marked *