PCI DSS Implementation Training Course

Provided by

About the course

PCI DSS Implementation training course

This three-day course, fully updated for PCI DSS (Payment Card Industry Data Security Standard) v3.2, provides a comprehensive introduction to the Standard and delivers practical guidance on all aspects of implementing a PCI DSS compliance program.

Practical guidance and real-world examples will be taught, providing attendees with a full understanding of how to implement the different aspects of a PCI programme. Day one of this course covers PCI DSS Foundation and days two and three cover the implementation.

The benefits of the PCI DSS Implementation course

  • Learn in-depth about the PCI DSS assessment, test procedures and reporting requirements.
  • Understand the differences between SAQs (self-assessment questionnaires) and their usage.
  • Gain insight into a QSA auditor’s perspective on scoping and reduction, gap analysis, remediation and auditing issues.
  • Take part in interactive sessions that will allow attendees to ask questions relating to their own organisation and cardholder environment.
  • Gain an expert view on how to create a compensating control and what situations may or may not be appropriate for such controls.
  • Understand the effects of new technology on PCI DSS compliance.

The PCI DSS Implementation course pass rate

The average pass rate for this course is 90%.

Who should attend this course?

This course is designed for individuals responsible for implementing all or part of the technical and business requirements of the Standard, for example:

  • Information security managers
  • Security engineers
  • IT directors
  • PCI DSS project managers

This course is also suitable for consultants seeking to provide PCI implementation advice to their respective client organisations.

Why choose IT Governance for your training needs?

IT Governance Ltd is a QSA (Qualified Security Assessor) approved by the PCI SCC (Security Standards Council), which means we regularly audit PCI compliance across a wide range of organisations.

By choosing us for PCI training you benefit from our wealth of practical experience gained as a QSA. Our course provides a practical, hands-on approach, allowing attendees to gain a clear understanding of the PCI DSS and the tools needed to apply that knowledge in their organisation’s payment environment.

  • We’re a QSA (Qualified Security Assessor) – we’re approved by the PCI SCC (Security Standards Council), which means we regularly audit PCI compliance across a wide range of organisations.
  • Trained by industry experts – our trainers are working consultants with years of practical, hands-on experience.
  • Pass first time or train again for free – we have trained more than 17,000 people and we’re confident you’ll pass with us first time. If you don’t, we’ll train you again for free.*
  • Choose the method that suits you – we offer classroom, Live Online, distance learning, e-learning and in-house training options.
  • Access your training anywhere – all our course materials are provided as a digital copy, allowing you to access them anywhere and at any time. Documents will be made available 20 days before your course.
  • Business solutions to suit you – whether you’re a multinational wanting us to manage all your training needs or a small business wishing to boost your workforce skills, we offer a range of training solutions.

What does the PCI DSS Implementation training course cover?

The course will cover:

  • Outline of payment processes
  • PCI DSS Ecosphere
  • Why the PCI DSS?
  • Where does it apply?
  • The six control objectives
  • The 12 requirements
  • Compliance and enforcement
  • Remediation and non-compliance
  • Compliance structures
  • Self-assessment or audit?
  • Scoping principles of the PCI DSS
  • How to scope for the PCI DSS
  • Scope reduction
  • The 12 Requirements
  • Practical implications of the PCI DSS
  • Documentation and evidence
  • Managing a PCI DSS project
  • How to gain compliance
  • The prioritised approach
  • What is ‘business as usual’?
  • Going beyond the PCI DSS controls

Course agenda

  • The purpose of the PCI DSS and the requirement for protection of cardholder data.
  • PCI DSS objectives and intent.
  • Related PCI standards and programmes.
  • Understand how PCI DSS compliance is enforced by the payment brands.
  • Compliance needs for merchants and service providers. Explanation of the different levels.
  • Understand how compliance to the standard must be reported by merchants and service providers.
  • Overview of the 12 standard requirements.
  • Technical Implementation of the requirements.
  • Use of IT Governance PCI DSS Documentation Toolkit.
  • Project management.
  • Maintaining compliance.
  • Additional considerations for: call centres, encryption, software development, mobile payments, skimming.

What’s included in this course?

  • A professional training venue with lunch and refreshments;
  • Full course materials (digital copy provided as a PDF file);
  • The PCI DSS Implementation exam; and
  • A certificate of attendance.

What equipment should I bring?

The exam is an online exam. You will need to bring a ‘pop-up enabled’ laptop/tablet to the venue. Full details on how to access the exam will be provided by email 1–2 days before sitting the exam.

Your complete training programme

This course is part of our training programme. You can download your training pathway below to find your next recommended courses.

Course duration and times

Day 1: 9.30 am – 5:00 pm
Day 2: 9.30 am – 5:00 pm
Day 3: 9.30 am– 5:00 pm (exam), 5:30 pm (optional consultancy session)

Course locations:

London

CPD/CPE points

This course is equivalent to 21 CPD/CPE points.

PCI DSS Implementation exam

This course prepares attendees for an optional examination on the last day of the training programme.

What qualifications will I receive?

Successful candidates will be awarded the PCI DSS Implementation (PCI IM) qualification by IBITGQ (the International Board for IT Governance Qualifications).

How will I receive my exam results and certificates?

  • Provisional exam results will be available immediately on completion of the exam. Confirmed exam results will be issued within ten working days from the date of the exam.
  • Certificates for those who have achieved a passing grade will be issued within ten working days from the date of the exam.
  • Results notifications and certificates are sent directly to candidates by the relevant exam board in electronic format; please note that hard copy exam certificates are not issued.

Can exams be retaken?

Yes, you can retake the exam at an extra cost if you are unsuccessful on the first attempt. You can email us to schedule the retest for the exam.

Related article

Is the online Cyber Security MSc from the University of Liverpool the right path for you? If you are looking to take the next step in your IT caree...