Skip to main content

💼 9.4 Implement procedures to identify and authorize visitors.

Contextual name: 💼 9.4 Implement procedures to identify and authorize visitors.
ID: /frameworks/pci-dss-v3.2.1/09/04
Located in: 💼 9 Restrict physical access to cardholder data

Description

Empty...

Similar

Sections
- /frameworks/pci-dss-v4.0/09/03/02
Internal
- ID: dec-c-83d6521c

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v4.0 → 💼 9.3.2 Procedures are implemented for authorizing and managing visitor access to the CDE.

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v4.0 → 💼 9.3.2 Procedures are implemented for authorizing and managing visitor access to the CDE.

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 9.4.1 Visitors are authorized before entering, and escorted at all times within, areas where cardholder data is processed or maintained.
💼 9.4.2 Visitors are identified and given a badge or other identification that expires and that visibly distinguishes the visitors from onsite personnel.
💼 9.4.3 Visitors are asked to surrender the badge or identification before leaving the facility or at the date of expiration.
💼 9.4.4 A visitor log is used to maintain a physical audit trail of visitor activity to the facility as well as computer rooms and data centers where cardholder data is stored or transmitted.

Description
Similar
Similar Sections (Take Policies From)
Similar Sections (Give Policies To)
Sub Sections