II.
Workflow overview
Reference · liveworkflow:pci-dss-scoping
PCI DSS Scoping overview
Defines and validates the cardholder data environment boundary — network segmentation verification, data flow mapping, scope reduction analysis, compensating control documentation, and evidence gathering for QSA review. Excludes remediation implementation.
Attributes
displayName
PCI DSS Scoping
workflowKind
governance
triggerType
scheduled
typicalCadence
annually
complexity
cross-team
description
Defines and validates the cardholder data environment boundary — network
segmentation verification, data flow mapping, scope reduction analysis,
compensating control documentation, and evidence gathering for QSA review.
Excludes remediation implementation.
Outgoing edges
applies_to_domain2
- domain:security·DomainSecurity
- domain:cybersecurity·DomainCybersecurity
involves_role3
- role:security-reviewer·RoleSecurity Reviewer
- role:cloud-architect·RoleCloud Architect
- role:principal-engineer·RolePrincipal Engineer
performed_by_org_unit2
- org-unit:security-team·OrgUnitSecurity Team
- org-unit:application-security-team·OrgUnitApplication Security Team
requires_skill_area2
- skill-area:service-mesh-config·SkillAreaService Mesh Configuration
- skill-area:k8s-rbac·SkillAreaKubernetes RBAC
triggers_responsibility2
- responsibility:security-review·ResponsibilitySecurity review
- responsibility:threat-modeling·ResponsibilityThreat modeling
Incoming edges
None.