The Policies & Procedures module is accessible via the Documentation tab in the top menu on the homepage:
The P&P module comes pre-populated with a generic set of Policies & Procedures for PCI DSS compliance. The systems allows you to track policy status (in place, not in place, not applicable) across multiple entities.
Whenever the option Not in Place is selected, you are required to set a target date for remedial action.
Edit and View the P&P
The Policies and Procedures screen allows you to view, download, and assign a status to each policy:
Policy: The name of the policy.
P&P Status
- In Place: the policy is in place
- Not In Place: the policy is not in place
- To Do: the policy has no status assigned – all policies are assigned a ‘To Do’ status initially
- Not Applicable: The policy does not apply in this case
Update: Set the status for the policy.
Remediation Date: If you assign a Not in Place status to a particular policy, you are required to set a remediation date – the date on which you expect this policy to come into effect .
Download: Download the policy in PDF format.
