2.4 Maintain an inventory of system components that are in scope for PCI DSS

2.4.a Examine system inventory to verify that a list of hardware and software components is maintained and includes a description of function/use for each.
2.4.b Interview personnel to verify the documented inventory is kept current.

Maintaining a current list of all system components will enable an organization to accurately and efficiently define the scope of their environment for implementing PCI DSS controls. Without an inventory, some system components could be forgotten, and be inadvertently excluded from the organization’s configuration standards.