PCI Review Audit Work Program

Screenshot of the first page of PCI Review Audit Work Program
An Essential PCI Review Audit Checklist for Organizations

This audit program sample can be used by organizations to process PINs; create cryptographic keys; and administer, load and transmit secure keys.  

In this sample, all keys and key components are generated using an approved random or pseudo-random process, compromise of the key-generation process is not possible without collusion between at least two trusted individuals, documented procedures exist and are demonstrably in use for all key generation processing, and secret or private keys are transferred by physically forwarding the key in at least two separate full-length components (hard copy, smart card and TRSM) using different communication channels. 


Topics
IT Audit
IT Controls
Audit Testing
Internal Controls
Data Security

Related Resources

Audit Programs

IT Continuity Review Audit Work Program

Benchmarking Tools

Transaction Authority Risk Key Performance Indicators (KPIs)

Audit Programs

Application Controls Audit Work Program

Free Trial

Sign up for a free, no-obligation trial to start exploring our timesaving, valuable resources.

Let's Do It