JE KIS

PCI DSS FOUNDATION, IMPLEMENTATION, V3 SAQ WORKSHOP

PCI DSS Foundation Training

This one-day foundation course offers an introduction to the Payment Card Industry Data Security Standard (PCI DSS) and provides practical guidance on its relevance to your organization.

PCI DSS is overseen by the PCI Security Standards Council (PCI SSC) with the specific aims of reducing payment card fraud on the internet and enhancing the security of sensitive payment card data.

Any organization that handles, stores, or transmits cardholder data is obligated to adhere to the PCI DSS standard. Compliance with this standard is monitored and enforced by payment card companies like VISA, MasterCard, and American Express, either directly or through their affiliations with acquiring banks.

Designed by a Qualified Security Assessor (QSA), this training course facilitates a comprehensive understanding of PCI DSS and equips learners to efficiently plan a cost-effective compliance project.

This course is suitable for individuals involved in PCI DSS compliance projects who seek a foundational understanding of the standard and its requirements.

If you require more extensive and hands-on coverage of all aspects of implementing and maintaining PCI DSS compliance, please consider our four-day PCI DSS Implementation Training Course.

For a practical session on completing PCI DSS v3.2 Self-Assessment Questionnaires (SAQs), please refer to our two-day PCI DSS v3.2 SAQ Workshop.

  1. The purpose of PCI DSS and the necessity of cardholder data protection.
  2. PCI DSS objectives and their underlying intent.
  3. Related PCI standards and programs.
  4. Comprehending how payment brands enforce PCI DSS compliance.
  5. Compliance requirements for both merchants and service providers, with an explanation of different levels.
  6. Understanding how merchants and service providers must report their compliance with the standard.
  7. An overview of the 12 standard requirements.

Entry requirements:

This introductory course has no formal prerequisites.

PCI DSS Implementation 

This four-day program offers comprehensive and practical training on implementing Payment Card Industry Data Security Standard (PCI DSS) compliance. Upon successfully completing the inclusive exam, participants will earn the industry-recognized PCI DSS Implementation (PCI IM) qualification. The course is fully aligned with the latest PCI DSS v3.2 standard, which is overseen by the PCI Security Standards Council (PCI SSC). Its primary goals are to reduce payment card fraud on the internet and enhance the security of sensitive payment card data.

Every organization that handles, stores, or transmits cardholder data must adhere to the PCI DSS standard. Compliance is monitored and enforced either directly by payment card brands such as VISA, MasterCard, and American Express or through their partnerships with acquiring banks.

Designed by a Qualified Security Assessor (QSA), this four-day training equips participants with the necessary skills to ensure their organization meets the standard’s requirements as defined by their payment card brand and acquiring bank.

 

This course is suitable for individuals responsible for ensuring their organization achieves full compliance with the technical and business aspects of the PCI DSS standard. It is also valuable for consultants looking to offer PCI implementation guidance to their clients.

The course covers the following topics:

  • The purpose of PCI DSS and the importance of cardholder data protection.
  • PCI DSS objectives and intentions.
  • Related PCI standards and programs.
  • Understanding how payment brands enforce PCI DSS compliance.
  • Compliance requirements for merchants and service providers, including an explanation of different compliance levels.
  • Understanding how compliance reporting works for merchants and service providers.
  • An overview of the 12 standard requirements.
  • Determining the scope and applicability of PCI DSS.
  • Technical implementation of the requirements.
  • Utilization of the PCI DSS Documentation Toolkit.
  • Project management for PCI DSS implementation.
  • Maintaining ongoing compliance.
  • Special considerations for call centers, encryption, software development, mobile payments, and skimming.

Entry Requirements

There are no formal prerequisites for this course. However, we recommend that all participants download and read the Payment Card Industry Data Security Standard (PCI DSS) document from the PCI SSC website, which is available for free.

The Examination

This course prepares participants for an optional examination held on the final day of the training program. Successful candidates will earn the PCI DSS Implementation (PCI IM) qualification.

PCI DSS Version 3 Self-Assessment Questionnaire (SAQ) Workshop

This two-day workshop is tailored to equip participants with the practical knowledge necessary to successfully complete the updated PCI DSS Version 3 SAQs and ensure full compliance with the PCI DSS Version 3 standard.

Comprehend the newly introduced PCI SAQs and attain compliance with PCI DSS Version 3.0. The Payment Card Industry Data Security Standard (PCI DSS) Version 3, issued in November 2013, mandates that most service providers and merchants must complete a Self-Assessment Questionnaire (SAQ).

This latest version of the standard has brought forth new SAQ eligibility criteria and more intricate SAQ documents. For instance, merchants who previously completed SAQ A, consisting of just 13 questions, may now need to tackle the new SAQ-EP, which comprises a staggering 139 questions! Larger merchants with multiple payment systems will be obliged to submit multiple SAQ types and meet additional requirements, including penetration testing.

PCI DSS Version 3 Effective from January 1, 2015

The updated PCI DSS Version 3 SAQ documents and requirements will be enforced starting January 1, 2015. All organizations worldwide will be mandated to use and complete these documents to maintain their annual PCI DSS compliance. The PCI DSS Version 3 SAQ Workshop is a two-day practical session designed to assist merchants and service providers in confidently and smoothly navigating the SAQ process.

Managers responsible for ensuring their organizations maintain full PCI DSS compliance should attend this course.

The course curriculum, led by a PCI QSA (Qualified Security Assessor), revolves around a practical case study involving a PCI merchant company. This company must ensure compliance with PCI DSS standards across various payment platforms.

The course content includes:

  1. A comprehensive overview of the additional compliance requirements introduced in PCI DSS version 3.
  2. An introduction to the different types of SAQs (Self-Assessment Questionnaires).
  3. In-depth explanations of the new SAQ Validation Types, such as A-EP, B-IP, and D-SP.
  4. Exploration of how SAQ Types apply to various payment processing scenarios, including E-commerce, Face To Face, and Mail or Telephone Order (MOTO).
  5. A dedicated Q&A session to provide tailored advice for your organization’s compliance needs.

 

Entry requirements:

While there are no formal prerequisites for enrolling in this course, it is specifically tailored to individuals who already possess a working knowledge of PCI DSS and are responsible for ensuring their organization’s continued compliance with the standard.
