PCI DSS Visa Incident Report Template

Download Free Payment Card Industry Data Security Standard (PCI DSS Visa) Incident Report Template

I. Executive Summary
a. Include overview of the incident
b. Include Risk Level (High, Medium, Low)
c. Determine if compromise has been contained

II. Background

III. Initial Analysis

IV. Investigative Procedures
a. Include forensic tools used during investigation

V. Findings
a. Number of accounts at risk, identify those stored and compromised
b. Type of account information at risk
c. Identify ALL systems analyzed. Include the following:
i. Domain Name System (DNS) names
ii. Internet Protocol (IP) addresses
iii. Operating System (OS) version
iv. Function of system(s)
d. Identify ALL compromised systems. Include the following:
i. DNS names
ii. IP addresses
iii. OS version
iv. Function of system(s)
e. Timeframe of compromise
f. Any data exported by intruder
g. Established how and source of compromise
h. Check all potential database locations to ensure that no CVV2, Track 1 or Track 2 data is stored anywhere, whether encrypted or unencrypted (e.g., duplicate or backup tables or databases, databases used in development, stage or testing environments data on software engineers’ machines, etc.).
i. If applicable, review VisaNet endpoint security and determine risk.

VI. Compromised Entity Action

VII. Recommendations

VIII. Contact(s) at entity and security assessor performing investigation