What is a Cardholder Data Flow Diagram (DFD)?

A key step in the Scoping stage is documenting cardholder data flows in a data flow diagram. The objective is to show all cardholder data flows and to confirm that any network segmentation effectively isolates the cardholder data environment.

The original “As-Is” flow should be analysed first. Once unnecessary cardholder data and unnecessary storage of cardholder data have been identified, a “To-Be” cardholder data flow diagram should be documented. This diagram should clearly define the cardholder data environment (CDE), enabling the organisation to reduce the scope of PCI.
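The As-Is / To-Be comparison can also be kept as data and checked mechanically. The following is an added example, not part of the original page: the system names and flows are constructed, and it assumes a simplified rule that a system is in the CDE if it stores cardholder data or sits at either end of a flow that carries it.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    carries_chd: bool  # True if cardholder data travels over this flow

def cde(flows, chd_stores):
    """Systems that store cardholder data or sit at either end of a CHD flow."""
    scope = set(chd_stores)
    for f in flows:
        if f.carries_chd:
            scope.update((f.src, f.dst))
    return scope

def boundary_crossings(flows, scope):
    """Flows with exactly one endpoint in the CDE: where segmentation must hold."""
    return [f for f in flows if (f.src in scope) != (f.dst in scope)]

# Constructed "As-Is" diagram: card numbers are copied into several systems.
AS_IS_FLOWS = [
    Flow("web_shop", "payment_gateway", True),
    Flow("web_shop", "order_db", True),
    Flow("order_db", "reporting", True),
    Flow("order_db", "backup_server", True),
    Flow("helpdesk", "order_db", False),
]
AS_IS_STORES = {"order_db", "reporting", "backup_server"}

# Constructed "To-Be" diagram: only the payment flow carries cardholder data;
# downstream systems receive order records without it and store none.
TO_BE_FLOWS = [
    Flow("web_shop", "payment_gateway", True),
    Flow("web_shop", "order_db", False),
    Flow("order_db", "reporting", False),
    Flow("order_db", "backup_server", False),
    Flow("helpdesk", "order_db", False),
]
TO_BE_STORES = set()

def removed_from_scope():
    """Systems in the As-Is CDE that are no longer in the To-Be CDE."""
    return cde(AS_IS_FLOWS, AS_IS_STORES) - cde(TO_BE_FLOWS, TO_BE_STORES)

if __name__ == "__main__":
    for name, flows, stores in (("As-Is", AS_IS_FLOWS, AS_IS_STORES),
                                ("To-Be", TO_BE_FLOWS, TO_BE_STORES)):
        scope = cde(flows, stores)
        print(name, "CDE:", sorted(scope))
        for f in boundary_crossings(flows, scope):
            print("  check segmentation:", f.src, "->", f.dst)
    print("Removed from scope:", sorted(removed_from_scope()))
```

Each boundary crossing it lists is a connection between a CDE system and a system outside it, which is where the segmentation controls need to be verified.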

