Manual Examination DEVELOPMENT_6_3_7_B

This PCI DSS V1.2 report is posted on the Internet to promote Version 3.0 of LJK/Security . The corresponding vulnerability report for your own system should be guarded more carefully, such as by being reviewed only from local HTML disk files rather than via a web server.
Return to Main Page
Manual Examination DEVELOPMENT_6_3_7_B_040

PCI DSS V1.2 for Merchant

Findings Color Code
Compliant
Not assessed
Non-Compliant

PCI DSS 06 .03 .07 .b

Question: Does an examination of policies confirm that custom application code changes for web applications must be reviewed (either manually or using automated processes) by individuals other than the code change author and by individuals who are knowledgeable in code review techniques and secure coding practices ?

Answered by: BOSTON::JEFFERSON

As part of Manual Examination group: APPLICATION_DEVELOPMENT_WEB

Answer: YES

This PCI DSS V1.2 report is posted on the Internet to promote Version 3.0 of LJK/Security . The corresponding vulnerability report for your own system should be guarded more carefully, such as by being reviewed only from local HTML disk files rather than via a web server.