PCI Requirement 7.2.1 – Coverage of all System Components
PCI v4.0 - 7.2.1: Have an Access Control Model In Place
PCI Readiness Series: PCI DSS Requirement 7
PCI Requirement 7 – Restrict Access to Cardholder Data by Business Need to Know
PCI Requirement 7.1.2 – Restrict Access to Privileged User IDs to Least Privileges Necessary
PCI Requirement 7.1.4 – Require Documented Approval by Authorized Parties
PCI Requirement 7.1.3 - Assign access based on individual personnel’s job classification & function
PCI Requirement 12.3.1 – Explicit Approval by Authorized Parties
PCI Requirement 7.3 – Document Policies & Procedures for Restricting Access to Cardholder Data
PCI Requirement 5.1.2 – Perform Evaluations to Identify & Evaluate Evolving Malware Threats
PCI Requirement 9.8.1 – Shred Hard-Copy Materials so CHD Cannot be Reconstructed
PCI Requirement 3.6.6 Using Split Knowledge & Dual Control
PCI Requirement 10.5.1 – Limit Viewing of Audit Trails to Those with a Job-Related Need
PCI Requirement 9.6.2 – Send the Media by Secured Courier
PCI Requirement 12.11.1 – Maintain Documentation of Quarterly Review Process
PCI Requirement 6.3.2 – Review Custom Code Prior to Release
PCI Requirement 12.3.2 – Authentication for Use of the Technology
PCI Requirement 11.1 – Implement Processes to Test for the Presence of Wireless Access Points
PCI Requirement 8.2.3 – Passwords Require a Min. of Seven Characters and Contain Numbers & Letters
PCI DSS 3.2: Req. 10.8 and 10.8.1