top of page
< Back

9.2 PCI DSS (v3.2.1)

Compliance Standard

Compliance Version

Control ID




Requirement 9: Restrict physical access to cardholder data


Develop procedures to easily distinguish between onsite personnel and visitors, to include:
• Identifying onsite personnel and visitors (for example, assigning badges)
• Changes to access requirements
• Revoking or terminating onsite personnel and expired visitor identification (such as ID badges).

bottom of page