⭐ Repository → 💼 PCI DSS v4.0 → 💼 8 Identify Users and Authenticate Access to System Components → 💼 8.6 Use of application and system accounts and associated authentication factors is strictly managed.

💼 8.6.1 If accounts used by systems or applications can be used for interactive login, they are managed.

• ID: /frameworks/pci-dss-v4.0/08/06/01

Description

As follows:

• Interactive use is prevented unless needed for an exceptional circumstance.
• Interactive use is limited to the time needed for the exceptional circumstance.
• Business justification for interactive use is documented.
• Interactive use is explicitly approved by management.
• Individual user identity is confirmed before access to account is granted.
• Every action taken is attributable to an individual user.

Similar

• Sections
  • /frameworks/pci-dss-v4.0.1/08/06/01
• Internal
  • ID: dec-c-e13ac015

Similar Sections (Take Policies From)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 PCI DSS v4.0.1 → 💼 8.6.1 If accounts used by systems or applications can be used for interactive login, they are managed.					no data

Similar Sections (Give Policies To)

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance
💼 PCI DSS v4.0.1 → 💼 8.6.1 If accounts used by systems or applications can be used for interactive login, they are managed.					no data

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance