PCI DSS Implementation Training Course

About the course

The Payment Card Industry Data Security Standard (PCI DSS) is administered by the PCI Security Standards Council (PCI SSC) with the specific objectives of decreasing payment card fraud across the internet and increasing the security of confidential payment card information.

Every organisation that stores, transmits or processes cardholder data must comply with the PCI DSS. Compliance with the standard is regulated and enforced by the payment card brands (VISA, MasterCard, American Express), either directly or through their partner relationships with ‘acquirer’ banks.

Designed by a Qualified Security Assessor (QSA), this three-day training course aims to develop the skills required to ensure that any organisation meets the requirements of the standard as defined by their payment card brand and their acquiring bank.

Course Agenda
Course Timetable:

Day 1: 09.30 – 17.00
Day 2: 09.30 – 17.00
Day 3: 09.30 – ~15.00 (Exam) 17.30 (Optional Consultancy Session)

What will you learn on this course?

  • The purpose of the PCI DSS and the requirement for protection of cardholder data.
  • PCI DSS objectives and intent.
  • Related PCI standards and programmes.
  • Understand how PCI DSS compliance is enforced by the payment brands.
  • Compliance needs for merchants and service providers. Explanation of the different levels.
  • Understand how compliance must be reported by merchants and service providers.
  • Overview of the 12 standard requirements.
  • Scoping and applicability of the PCI DSS.
  • Technical implementation of the requirements.
  • Use of the IT Governance PCI DSS Documentation Toolkit.
  • Project management.
  • Maintaining compliance.
  • Additional considerations for: call centres, encryption, software development, mobile payments, skimming.

Who should attend this course?
Individuals who are responsible for ensuring that their organisation becomes fully compliant with the technical and business requirements of the PCI DSS. Consultants seeking to provide PCI implementation advice to their respective client organisations.

For a practical session on how to complete the PCI DSS v3.2 Self Assessment Questionnaires (SAQs), please see our one-day PCI DSS v3.2 SAQ Workshop.

Entry Requirements
There are no formal entry requirements.

We recommend that all delegates download (free) and read the Payment Card Industry Data Security Standard (PCI DSS) document from the PCI SSC website. You may also benefit from advance reading of the following introductory guide: PCI DSS – A Pocket Guide.

The Exam


This course prepares delegates for an optional examination on the last day of the training programme. Successful candidates will be awarded the PCI DSS Implementation (PCI IM) qualification by the International Board for IT Governance Qualifications (IBITGQ).

Duration: 3 days

Cost: £1,195 + VAT

PCI Implementation Training Scotland, Inverness, Glasgow, Edinburgh, Aberdeen and onsite courses throughout Scotland

 


Start date: No fixed date
Location / delivery: Glasgow, Aberdeen, Inverness
