Pci Dss Data Flow Diagram. The report on compliance suggests that cardholder data flow diagrams may also be included as a supplement to the description of how cardholder data is transmitted and or processed. Regardless they are great way to communicate and document the cde and pci dss scope.
Depending on the complexity of your network and processes you could have one combined network and data flow diagram or you may require multiple diagrams. Part of this requirement involves creating network infrastructure and data flow diagrams related to the cardholder data environment cde. Regardless they are great way to communicate and document the cde and pci dss scope.
Cardholder data flow diagrams identify the location of all cardholder data that is stored processed or transmitted within the network.
Pci data security standard pci dss date. Depending on the complexity of your network and processes you could have one combined network and data flow diagram or you may require multiple diagrams. Organisations required to formally assess their compliance must have network and data flow diagram s. Requirement 1 1 2 in the pci dss requires the assessor to validate that a current network diagram with all connections to cardholder data including any wireless networks be available and also ensure that a process is in place to keep the diagram current.
