What is required for access to the cardholder data environment in relation to job function and termination?


Multiple Choice

What is required for access to the cardholder data environment in relation to job function and termination?

Explanation:
Access to the cardholder data environment must be limited to what each job function requires and must be removed promptly when someone leaves or changes roles. This follows the principles of least privilege and need-to-know, ensuring that only authorized personnel can reach cardholder data. The correct approach states that access is controlled by job function and that, at termination, privileges are revoked and credentials are returned or disabled. This offboarding step, which includes deactivating accounts, revoking tokens, and reclaiming badges or keys, is crucial to prevent any continuing access after someone leaves the company. The other options describe broad or optional access or infrequent reviews, which would weaken protection of cardholder data.

