PCI DSS 3.2.1 - The Evidences Book
Preparing for and maintaining PCI compliance involves compiling and retaining a large amount of evidence of all kinds.
Collecting this evidence before an audit provides assurance of your readiness level and helps you detect and fix any gaps before the auditors uncover them. For their part, auditors will obviously look for fresh items, but presenting your collection and the associated process will doubtless raise their confidence in your ability to meet compliance.
This document lists and details the evidence required for PCI DSS 3.2.1 compliance in the following sections:
Section 0 – Scope
Section 1 – Implementation Evidences
Section 2 – List of Policies
Section 3 – List of Procedures
In each section, evidence is listed and defined per PCI DSS topic, with each topic referring to its associated requirements and testing procedures.
Use this document as your book of references/links to your evidence repository.