Here is a link to an interesting blog article interpreting the audit requirement of the PCI standard.
For reference, here is a link (pdf) to the PCI 1.1 Data Security Standard itself.
The high-level PCI requirements are listed below. Requirement 10 is the requirement pertaining to audit.
Build and Maintain a Secure Network
· Requirement 1: Install and maintain a firewall configuration to protect data
· Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters
Protect Cardholder Data
· Requirement 3: Protect stored data
· Requirement 4: Encrypt transmission of cardholder data and sensitive information across public networks
Maintain a Vulnerability Management Program
· Requirement 5: Use and regularly update anti-virus software
· Requirement 6: Develop and maintain secure systems and applications
Implement Strong Access Control Measures
· Requirement 7: Restrict access to data by business need-to-know
· Requirement 8: Assign a unique ID to each person with computer access
· Requirement 9: Restrict physical access to cardholder data
Regularly Monitor and Test Networks
· Requirement 10: Track and monitor all access to network resources and cardholder data
· Requirement 11: Regularly test security systems and processes.
Maintain an Information Security Policy
· Requirement 12: Maintain a policy that addresses information security
UPDATE 2006/09/13: Linked to PCI standard v1.1. Thanks Mike for the heads up!