💼 7.2 Access to system components and data is appropriately defined and assigned.

• Contextual name: 💼 7.2 Access to system components and data is appropriately defined and assigned.

• ID: /frameworks/pci-dss-v4.0/07/02

• Located in: 💼 7 Restrict Access to System Components and Cardholder Data by Business Need to Know

Description

Empty...

Similar

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags
💼 7.2.1 An access control model is defined and includes granting appropriate access.
💼 7.2.2 Access is assigned to users, including privileged users, based on job classification, function, and least privileges.
💼 7.2.3 Required privileges are approved by authorized personnel.
💼 7.2.4 All user accounts and related access privileges, including third-party/vendor accounts, are reviewed.
💼 7.2.5 All application and system accounts and related access privileges are assigned and managed.	1
💼 7.2.5.1 All access by application and system accounts and related access privileges are reviewed.
💼 7.2.6 All user access to query repositories of stored cardholder data is restricted.