PCI Implementation Training Course
PCI DSS Implementation Training Course
The Payment Card Industry Data Security Standard (PCI DSS) is administered by the PCI Security Standards Council (PCI SCC) with the specific objectives of decreasing payment card fraud across the internet and increasing the security of confidential payment card information.
Every organisation that stores or transmits or processes card holder data must comply with PCI DSS standard. Compliance to the standard is regulated and enforced by payment card brands (VISA, MasterCard, American Express) directly or through their partner relationships with ‘acquirer’ banks.
Designed by a Qualified Security Assessor (QSA), this three day training course aims to develop the skills required to ensure that any organisation meets the requirements of the standard as defined by their payment card brand and their acquiring bank.
Course Agenda
Course Timetable:
- Day 1: 09.30 – 17.00
- Day 2: 09.30 – 17.00
- Day 3: 09.30 – ~15.00 (Exam) 17.30 (Optional Consultancy Session)
What will you learn on this course?
- The purpose of the PCI DSS and the requirement for protection of cardholder data.
- PCI DSS objectives and intent.
- Related PCI standards and programmes.
- Understand how PCI DSS compliance is enforced by the payment brands.
- Compliance needs for merchants and service providers. Explanation of the different levels.
- Understand how compliance must be reported by merchants and service providers.
- Overview of the 12 standard requirements.
- Scoping and applicability of the PCI DSS.
- Technical Implementation of the requirements.
- Use of IT Governance PCI DSS Documentation Toolkit
- Project management.
- Maintaining compliance.
- Additional considerations for: call centres, encryption, software development, mobile payments, skimming.
Who should attend this course?
Individuals who are responsible for the ensuring that their organisation becomes fully compliant to the technical and business requirements of the PCI DSS standard. Consultants seeking to provide PCI implementation advice to their respective client organisations.
For a practical session on how to complete the PCI DSS v3.2 Self Assessment Questionnaires (SAQs), please see our one-day PCI DSS v3.2 SAQ Workshop.
Course contents include
- The purpose of the PCI DSS and the requirement for protection of cardholder data.
- PCI DSS objectives and intent.
- Related PCI standards and programmes.
- Understand how PCI DSS compliance is enforced by the payment brands.
- Compliance needs for merchants and service providers. Explanation of the different levels.
- Understand how compliance must be reported by merchants and service providers.
- Overview of the 12 standard requirements.
- Scoping and applicability of the PCI DSS.
- Technical Implementation of the requirements.
- Use of IT Governance PCI DSS Documentation Toolkit
- Project management.
- Maintaining compliance.
- Additional considerations for: call centres, encryption, software development, mobile payments, skimming.
Entry Requirements
There are no formal entry requirements.
We recommend that all delegates download (free) and read the Payment Card Industry Data Security Standard (PCI DSS) document from the PCI SSC website.You may also benefit from advance reading of the following introductory guide: PCI DSS – A Pocket Guide.
The Exam
This course prepares delegates for an optional examination on the last day of the training programme. Successful candidates will be awarded the PCI DSS Implementation (PCI IM) qualification by the International Board for IT Governance Qualifications (IBITGQ).
Duration: 3 Day
Cost: £1,195 + VAT
PCI Implementation Training Scotland, Inverness, Glasgow, Edinburgh, Aberdeen and onsite courses throughout Scotland