[PCI DSS 3.0] [PCI DSS 3.0] 3.6.8 Requirement for cryptographic key custodians to formally acknowledge that they understand and

pcinetwork

PCINetwork.org Admin
#1
3.6.8 Requirement for cryptographic key custodians to formally acknowledge that they understand and accept their key-custodian responsibilities.

3.6.8.a Verify that key-management procedures specify processes for key custodians to acknowledge (in writing or electronically) that they understand and accept their key- custodian responsibilities.

3.6.8.b Observe documentation or other evidence showing that key custodians have acknowledged (in writing or electronically) that they understand and accept their key- custodian responsibilities.

This process will help ensure individuals that act as key custodians commit to the key-custodian role and understand and accept the responsibilities.
 
Top