From cf6c00e390367fd77611731f4681eefd50b7bdea Mon Sep 17 00:00:00 2001
From: "compliance-pr-automation[bot]"
 <1425255+compliance-pr-automation-bot[bot]@users.noreply.github.com>
Date: Wed, 17 Sep 2025 10:44:19 +0000
Subject: [PATCH] [Compliance] - PR Template Changes Required

---
 .github/pull_request_template.md | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md
index e1c8ecffc..56129e51e 100644
--- a/.github/pull_request_template.md
+++ b/.github/pull_request_template.md
@@ -19,3 +19,15 @@ Items in this checklist may not may not apply to your PR, but please consider ea
 - [ ] Conduct reasonable cross browser testing for both compatibility and responsive behavior (We have a [Sauce Labs](https://app.saucelabs.com/) account for this, if you don't have access, just ask!).
 - [ ] Conduct reasonable accessibility review (use the [WAS](https://accessible.org/Web-Accessibility-Standards-WAS-2.pdf) as a guide or an [axe browser plugin](https://www.deque.com/axe/) until we establish more formal checks).
 - [ ] Identify (in the description above) and document (add Asana tasks on [this board](https://app.asana.com/0/1100423001970639/list)) any technical debt that you're aware of, but are not addressing as part of this PR.
+
+## PCI review checklist
+
+<!-- heimdall_github_prtemplate:grc-pci_dss-2024-01-05 -->
+
+- [ ] I have documented a clear reason for, and description of, the change I am making.
+
+- [ ] If applicable, I've documented a plan to revert these changes if they require more than reverting the pull request.
+
+- [ ] If applicable, I've documented the impact of any changes to security controls.
+
+  Examples of changes to security controls include using new access control methods, adding or removing logging pipelines, etc.