The Payment Card Industry has published their own standards in order to protect customer information from theft and fraud called Payment Card Industry Data Security Standard (PCI-DSS). It has become a significant standard in the protection of sensitive and confidential data but it only covers data that pertains to credit cardholder information. The PCI-DSS requirements can be viewed as a sub-section of the information security management system pertaining to cardholder data and thus aligned with the compliance of the ISO 27001 recommendations.
This training program provides a comprehensive introduction to the Standard and delivers practical guidance on the aspects of implementing a PCI-DSS compliance program.
At the end of the training, participants shall be able to:
- Learn the importance of information security.
- Know the purpose of the PCI DSS and the requirement for protection of cardholder data.
- Understand how compliance to the standard must be reported by merchants and service providers.
- Gain ideas on how to support your organization’s compliance efforts through your knowledge of how to apply PCI Standards
Who Should Attend
- Data Protection Officers
- Information Security Professionals
- Internal Auditors
- IT Staff, Project Managers & Risk Managers
- Individuals responsible for implementing all or part of the technical and business requirements of the Standard
1 day, 8 hours
Program Outline/Course Overview
Topic 1: Introduction to the PCI-DSS Standard
Topic 2: Benefits & Importance of the Standard
Topic 3: Roles and Responsibilities of Key Players in the Compliance Process
Topic 4: The Six Control Objectives
Topic 5: The 12 Requirements
Topic 6: Compliance and Enforcement
Topic 7: Remediation and Non-compliance
Topic 8: Compliance Structures
Ice Breakers/ Quizzes/ Case Studies/ Workshops
For a complete course outline, email firstname.lastname@example.org.