PCI 7:
From HORSE - Holistic Operational Readiness Security Evaluation.
Revision as of 16:45, 7 July 2006 by
Mdpeters
(
talk
|
contribs
)
(
diff
)
← Older revision
| Latest revision (diff) | Newer revision → (diff)
Jump to navigation
Jump to search
Requirement 7: Restrict access to data by business need-to-know.
This ensures critical data can only be accessed in an authorized manner.
PCI-7.1 Limit access to computing resources and cardholder information to only those individuals whose job requires such access.
PCI-7.2 Establish a mechanism for systems with multiple users that restricts access based on a user’s need to know, and is set to “deny all” unless specifically allowed.
--
Mdpeters
12:47, 7 July 2006 (EDT)
Navigation menu
Personal tools
Log in
Namespaces
Page
Discussion
English
Views
Read
View source
View history
More
Search
Navigation
Main Page
Community portal
Technology law and cyberspace law
IT risk management
IT governance
Compliance portal
Document portal
Security assessment
Awareness and training
Research
Current events
Recent changes
Help
Site support
Request list
Random page
Toolbox
What links here
Related changes
Special pages
Printable version
Permanent link
Page information