>myctrl.tools
Preferences
Under active development Content is continuously updated and improved
Compare

9.4.7Electronic media with cardholder data is destroyed when no longer needed for business or legal reasons via one of the following: The electronic media is destroyed.

>Requirement Description

Electronic media with cardholder data is destroyed when no longer needed for business or legal reasons via one of the following: The electronic media is destroyed. The cardholder data is rendered unrecoverable so that it cannot be reconstructed. Applicability Notes These requirements for media destruction when that media is no longer needed for business or legal reasons are separate and distinct from PCI DSS Requirement 3.2.1, which is for securely deleting cardholder data when no longer needed per the entity’s cardholder data retention policies.

>Cross-Framework Mappings

NIST CSF 2.0

via NIST OLIR Catalog
GV.OC-03
Compare
GV.SC-10
Compare
PR.DS-01
Compare
PR.DS-11
Compare
PR.PS-03
Compare

SCF

AST-09
Compare
DCH-09
Compare
DCH-09.1
Compare
DCH-18
Compare
PRI-05
Compare

Ask AI

Configure your API key to use AI features.