University Payment Card Acceptance Policies and Procedures
| Payment Card Acceptance Policy | PCI Requirement | Policy # |
|---|---|---|
| Policy 3-070 Subject: Payment Card Acceptance | 12 | |
| Payment Card Acceptance Procedures | ||
| Maintain a Secure Network | 1 | |
| Password Security | 2 | |
| Protect Cardholder Data | 3 | |
| Vulnerability Management | 5 | |
| Develop and Maintain Secure Systems and Applications | 6 | |
| Implement Strong Access Control Measures | 7 | |
| Assign a Unique ID to Each Person with Computer Access | 8 | |
| Restrict Physical Access to Cardholder Data | 9 | |
| Regularly Test Security Systems and Processes | 11 | |
| Maintain an Information Security Policy | 12 | |
| Department Procedure Standard-Incident Response | 12.9 | |
| Payment Card Acceptance Rules | Rule # | |
|---|---|---|
| Payment Card Industry (PCI) Network Security | 4-004E | |
| Payment Card Industry (PCI) Wireless Access Security | 4-004F | |
| Payment Card Industry (PCI) Remote and Mobile Access Security | 4-004G | |
| Payment Card Industry (PCI) Secure Communications Management | 4-004H | |
| Payment Card Industry (PCI) Virus and Vulnerability Management | 4-004I | |
| Payment Card Industry (PCI) Patch Management | 4-004J | |
| Payment Card Industry (PCI) Physical Security | 4-004L | |
| Payment Card Industry (PCI) Monitoring, Logging and Audit | 4-004M | |
| Payment Card Industry (PCI) Acceptable Use | 4-004N |
