PCI DSS 1.0 and PCI DSS 1.1

Unanswered Question
May 2nd, 2007

I was looking at the spec sheets and was wondering what are the differences between PCI DSS 1.0 and PCI DSS 1.1?

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
bmcgloth Wed, 05/02/2007 - 13:56

here is a high summary of what is different, and a link to the full details of the differences:

Section 6.6 ? Added requirement for application code review or application firewall to be used

Section 11.1 Clarified that wireless analyzers should be used periodically, even if wireless is not currently deployed.

Section 12 - Added requirement for a policy to manage connected entities, including maintaining a list, implementing appropriate due diligence, ensuring connected entities are PCI DSS compliant, and having an established process to connect and disconnect entities.

https://www.pcisecuritystandards.org/pdfs/pci_summary_of_pci_dss_changes_v1-1.pdf

Actions

This Discussion