Skip to main content

💼 7.2.1 An access control model is defined and includes granting appropriate access.

Contextual name: 💼 7.2.1 An access control model is defined and includes granting appropriate access.
ID: /frameworks/pci-dss-v4.0/07/02/01
Located in: 💼 7.2 Access to system components and data is appropriately defined and assigned.

Description

As follows:

Appropriate access depending on the entity's business and access needs.
Access to system components and data resources that is based on users' job classification and functions.
The least privileges required (for example, user, administrator) to perform a job function.

Similar

Sections
- /frameworks/pci-dss-v3.2.1/07/01/01
- /frameworks/pci-dss-v4.0.1/07/02/01

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v3.2.1 → 💼 7.1.1 Define access needs for each role.
💼 PCI DSS v4.0.1 → 💼 7.2.1 An access control model is defined and includes granting appropriate access.

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags
💼 PCI DSS v3.2.1 → 💼 7.1.1 Define access needs for each role.
💼 PCI DSS v4.0.1 → 💼 7.2.1 An access control model is defined and includes granting appropriate access.

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags

Description
Similar
Similar Sections (Take Policies From)
Similar Sections (Give Policies To)
Sub Sections