Please have the below table completed and returned.
4.3 Cardholder data storage
Identify and list all databases, tables, and files storing post-authorization cardholder data and provide the following details.
Note: The list of files and tables that store cardholder data in the table below must be supported by an inventory created (or obtained from the client) and retained by the assessor in the work papers.
Data Store (database, etc.)
File(s) and/or Table(s)
Cardholder data elements stored (for example, PAN, expiry, any elements of SAD) – put fieldname
How data is secured (for example, use of encryption, access controls, truncation, etc.)
How access to data stores is logged (description of logging mechanism used for logging access to data—for example, enterprise log management solution, application-level logging, operating system logging, etc.)
pt135
ATTRIBUTE
PI, or PII or PCI data
encrypted
R and D may be able to speak
DISPATCH_INTERACT
PI, or PII or PCI data
encrypted
R and D may be able to speak
READ_WRITE_ATTRIBUTE
PI, or PII or PCI data
encrypted
R and D may be able to speak
PT235
ATTRIBUTE
PI, or PII or PCI data
encrypted
R and D may be able to speak
DISPATCH_INTERACT
PI, or PII or PCI data
encrypted
R and D may be able to speak
READ_WRITE_ATTRIBUTE
PI, or PII or PCI data
encrypted
R and D may be able to speak
pr101
ATTRIBUTE
PI, or PII or PCI data
encrypted
R and D may be able to speak
DISPATCH_INTERACT
PI, or PII or PCI data
encrypted
R and D may be able to speak
INTERACT
PI, or PII or PCI data
encrypted
R and D may be able to speak
Data Store (database, etc.)
File(s) and/or Table(s)
Cardholder data elements stored (for example, PAN, expiry, any elements of SAD) – put fieldname
How data is secured (for example, use of encryption, access controls, truncation, etc.)
How access to data stores is logged (description of logging mechanism used for logging access to data—for example, enterprise log management solution, application-level logging, operating system logging, etc.)