8.5.5 For a sample of user IDs, verify that there are no inactive accounts over 90 days old
[PCI DSS 1.x] 8.5.5 Remove inactive user accounts at least every 90 days
[READ-ONLY] Archives
[RETIRED] PCI DSS v.1.x Questions and Answers
Implement Strong Access Control Measures