| Activity | AD2650 Payment Card Security |
| Records Series | 31 - PCI DSS Compliance Files |
| OPR | Financial Services |
| Description | Records consists of PIN pad inspection logs, PCI staff logs, declaration documents, Self-Assessment Questionnaires (SAQ), Attestations of Compliance (AOC), workflow diagrams, network diagrams, Approved Scanning Vendor (ASV) results, internal and external audit records, device and equipment inventories, user account and access rights management, reviews of third-party service providers, and annual PCI compliance submissions. |
| Retention Trigger | CY |
| Total Retention | 3 years |
| Final Action | D |
| Disposition Plan | |
| Retention Rationale | Retention based on anticipated operational use. |
| PIB | No |
| Vital Records |
This schedule applies to official records in all media. Convenience or duplicate copies of official records are considered transitory and should not be kept longer than necessary, and in no event longer than the official copy.
GLOSSARY
- AR = Transfer to Archives
- AY = End of Academic Year
- CO = Continuous OVerwrite
- CY = End of Calendar Year
- D = Destroy / Delete
- DP = Special Disposition Plan
- FY = End of Fiscal Year
- OPR = Office of Primary Responsibility
- PIB = Personal Information Bank
Printed on Wednesday, Jan 15 2025