The Open Services Report is provided to assist merchants with satisfying PCI DSS requirement 1.1.6. The excerpt below is from the document PCI DSS Requirements and Security Assessment Procedures. This document is published on the PCI Security Standards Council's web site at:
https://www.pcisecuritystandards.org/security_standards/documents.php
"1.1.6 Documentation and business justification for use of all services, protocols, and ports allowed, including documentation of security features implemented for those protocols considered to be insecure.
Examples of insecure services, protocols, or ports include but are not limited to FTP, Telnet, POP3, IMAP, and SNMP v1 and v2."