Introduction to Payment Card Industry Data SecurityStandard (PCI-DSS)


The Payment Card Industry has published their own standards in order to protect customer information from theft and fraud called Payment Card Industry Data Security Standard (PCI-DSS). It has become a significant standard in the protection of sensitive and confidential data but it only covers data that pertains to credit cardholder information. The PCI-DSS requirements can be viewed as a sub-section of the information security management system pertaining to cardholder data and thus aligned with the compliance of the ISO 27001 recommendations.

This training program provides a comprehensive introduction to the Standard and delivers practical guidance on the aspects of implementing a PCI-DSS compliance program.

Learning Objectives

At the end of the training, participants shall be able to:

  • Learn the importance of information security.
  • Know the purpose of the PCI DSS and the requirement for protection of cardholder data.
  • Understand how compliance to the standard must be reported by merchants and service providers.
  • Gain ideas on how to support your organization’s compliance efforts through your knowledge of how to apply PCI Standards

Who Should Attend

  • Data Protection Officers
  • Information Security Professionals
  • Internal Auditors
  • IT Staff, Project Managers & Risk Managers
  • Individuals responsible for implementing all or part of the technical and business requirements of the Standard

Program Duration

1 day, 8 hours

Program Outline/Course Overview

Topic 1: Introduction to the PCI-DSS Standard
Topic 2: Benefits & Importance of the Standard
Topic 3: Roles and Responsibilities of Key Players in the Compliance Process
Topic 4: The Six Control Objectives
Topic 5: The 12 Requirements
Topic 6: Compliance and Enforcement
Topic 7: Remediation and Non-compliance
Topic 8: Compliance Structures

Ice Breakers/ Quizzes/ Case Studies/ Workshops
Wrap-up/ Summary
Open Discussion

For a complete course outline, email