💼 3.7.5 Key management policies procedures are implemented to include the retirement, replacement, or destruction of keys used to protect stored account data.
- ID:
/frameworks/pci-dss-v4.0/03/07/05
Description​
As deemed necessary when:
- The key has reached the end of its defined cryptoperiod.
- The integrity of the key has been weakened, including when personnel with knowledge of a cleartext key component leaves the company, or the role for which the key component was known.
- The key is suspected of or known to be compromised.
Retired or replaced keys are not used for encryption operations.
Similar​
- Sections
/frameworks/pci-dss-v3.2.1/03/06/05/frameworks/pci-dss-v4.0.1/03/07/05
- Internal
- ID:
dec-c-54ac314f
- ID:
Similar Sections (Take Policies From)​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 PCI DSS v3.2.1 → 💼 3.6.5 Retirement or replacement of keys as deemed necessary when the integrity of the key has been weakened, or keys are suspected of being compromised. | no data | ||||
| 💼 PCI DSS v4.0.1 → 💼 3.7.5 Key management policies procedures are implemented to include the retirement, replacement, or destruction of keys used to protect stored account data. | no data |
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 PCI DSS v3.2.1 → 💼 3.6.5 Retirement or replacement of keys as deemed necessary when the integrity of the key has been weakened, or keys are suspected of being compromised. | no data | ||||
| 💼 PCI DSS v4.0.1 → 💼 3.7.5 Key management policies procedures are implemented to include the retirement, replacement, or destruction of keys used to protect stored account data. | no data |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|