PCI DSS Requirement 10.7 restricts access to audit logs to individuals with a job-related need to protect the integrity and confidentiality of the logs.
Rationale for Job-Related Need:
Limiting access reduces the risk of tampering, accidental modification, or exposure of sensitive information.
Invalid Options:
A:Individuals who performed the activity should not necessarily view logs unless required.
B/C:Read/write access or administrator privileges are not prerequisites for log viewing.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit