Requirement 12 of the PCI DSS states, “Requirement 12: Maintain a policy that addresses information security for employees and contractors.” If you want to be successful at PCI, start your policy effort by segregating your environments. Have an information security policy that is specifically for the cardholder environment. This will make auditing and testing your environment much easier because you won't have to hold your entire environment to such high standards. This will help you achieve compliance fast.
Further, 12.1 basically says you need a policy that addresses every single item in the PCI DSS.
Establish, publish, maintain, and disseminate a security policy that accomplishes the following:
12.1.1 Addresses all requirements in this specification
12.1.2 Includes an annual process that identifies threats and vulnerabilities, and results in a formal risk assessment
12.1.3 Includes a review at least once a year and updates when the environment changes.