💼 7.2.1 An access control model is defined and includes granting appropriate access.
- ID:
/frameworks/pci-dss-v4.0/07/02/01
Description
As follows:
- Appropriate access depending on the entity's business and access needs.
- Access to system components and data resources that is based on users' job classification and functions.
- The least privileges required (for example, user, administrator) to perform a job function.
Similar
- Sections
/frameworks/pci-dss-v3.2.1/07/01/01/frameworks/pci-dss-v4.0.1/07/02/01
- Internal
- ID:
dec-c-8b362850
- ID:
Similar Sections (Take Policies From)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 PCI DSS v3.2.1 → 💼 7.1.1 Define access needs for each role. | 1 | no data | |||
| 💼 PCI DSS v4.0.1 → 💼 7.2.1 An access control model is defined and includes granting appropriate access. | 1 | no data |
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 PCI DSS v3.2.1 → 💼 7.1.1 Define access needs for each role. | 1 | no data | |||
| 💼 PCI DSS v4.0.1 → 💼 7.2.1 An access control model is defined and includes granting appropriate access. | 1 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|
Policies (1)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ AWS Lambda Function allows public access🟢 | 1 | 🟠 x1, 🟢 x5 | no data |