PCI REQUEST FOR CHANGE
Change Request Information
Reference Number
Change Request Title
Functional Area
Submission Date
Requested By
Description
Analysis
Requirement Impact:
Install and maintain a firewall configuration to protect
cardholder data
Do not use vendor-supplied defaults for system
passwords and other security parameters
Protect stored cardholder data
Encrypt transmission of cardholder data across open,
public networks
Use and regularly update anti-virus software or programs
Develop and maintain secure systems and applications
Restrict access to cardholder data by business need to
know
Assign a unique ID to each person with computer access
Restrict physical access to cardholder data
Track and monitor all access to network resources and
cardholder data
Regularly test security systems and processes
Maintain a policy that addresses information security for
employees and contractors
Risks:
Cost:
Change Control Board Decision
Participation:
Int Auditor: _________ IRMO: _________ System Owner: _________ Asst Treasurer: _________
Decision:
Signature: ___________________________________________ Date: ____________________
PCI Program Manager