| 💼 3.6.1 Procedures are defined and implemented to protect cryptographic keys used to protect stored account data against disclosure and misuse. | 3 | | 1 | | no data |
|  💼 3.6.1.1 A documented description of the cryptographic architecture is maintained. | | | | | no data |
|  💼 3.6.1.2 Secret and private keys used to encrypt/decrypt stored account data are stored in one (or more) of the described forms at all times. | | | | | no data |
|  💼 3.6.1.3 Access to cleartext cryptographic key components is restricted to the fewest number of custodians necessary. | | | | | no data |