>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

9.4.6Hard-copy materials with cardholder data are destroyed when no longer needed for business or legal reasons, as follows: Materials are cross-cut shredded, incinerated, or pulped so that cardholder data cannot be reconstructed.

>Requirement Description

Hard-copy materials with cardholder data are destroyed when no longer needed for business or legal reasons, as follows: Materials are cross-cut shredded, incinerated, or pulped so that cardholder data cannot be reconstructed. Materials are stored in secure storage containers prior to destruction. Applicability Notes These requirements for media destruction when that media is no longer needed for business or legal reasons are separate and distinct from PCI DSS Requirement 3.2.1, which is for securely deleting cardholder data when no longer needed per the entity’s cardholder data retention policies.

>Cross-Framework Mappings

NIST CSF 2.0

via NIST OLIR Catalog
GV.OC-03
Compare
GV.SC-10
Compare
PR.DS-01
Compare

SCF

DCH-08
Compare
DCH-18
Compare
PRI-05
Compare

Ask AI

Configure your API key to use AI features.