According to the PCI DSS v3.2.1 Quick Reference Guide1, assigning a unique ID to each person is intended to ensure individual users are accountable for their own actions, rather than shared accounts or group accounts based on need-to-know. This is one of the requirements for ensuring that user accounts are properly managed and controlled.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit