Which item should be included in documented procedures for inspecting payment devices for tampering or substitution?

Focusing on device integrity requires clear, actionable steps that staff can follow to detect tampering or substitution. Documented procedures should specify exactly how to inspect the device surfaces for signs of tampering—such as broken or resealed tamper-evident seals, loose components, added attachments, or unusual residue—as well as when those inspections should happen. Setting a defined frequency ensures checks occur consistently, making it possible to catch tampering early and provide auditable evidence for security reviews. Without a defined inspection method and schedule, checks can be skipped or performed inconsistently, increasing risk. A list of approved vendors relates to procurement, not ongoing device integrity inspections. Replacing devices on a fixed annual basis, regardless of condition, ignores actual risk and may waste resources. Therefore, including procedures for inspecting device surfaces and the frequency of inspections best supports detecting tampering or substitution.