Access to CDE and CHD in PCI DSS Abena Frimpong October 17, 2023 11:12 1 comment If someone has access to CDE does that mean that person can also access CHD? Comments 1 comment Sort by Date Votes Shannon DeLange October 27, 2023 20:09 Hi Abena Frimpong, The Cardholder Data Environment (CDE) is the term used to describe all the people, processes, and technologies that store, process, or transmit cardholder data (CHD). So, if someone has access to the CDE, it means they potentially have access to CHD as well. However, it's important to note that just because someone has access to the CDE, it doesn't necessarily mean they can access all CHD. Access controls should be in place to ensure that individuals can only access the data they need to perform their job duties. This is a principle known as least privilege. Regular access reviews must be conducted to help prevent potential data breaches and help limit the potential damage if an account is compromised. Organizations need to have current and complete Network and Data Flow Diagrams to understand who has access to which systems that are processing, storing, and transmitting CHD and what level of access individuals have within the CDE. 0 Please sign in to leave a comment.