It is vital to protect payment card data in order to prevent fraudulent transactions and misuse. This course will guide you through the use of the PCI DSS v4.0, which has been designed to ensure the appropriate protection of payment card data. PCI DSS is an information security standard for organizations that handle card data associated with the major card brands Visa, MasterCard, American Express, Discover, UnionPay and JCB. Compliance with the standard is mandatory for all organizations involved in storing, communicating, or otherwise handling debit and credit card data.
This course will help you understand the structure of the PCI DSS v4.0 and what is involved in meeting the 12 high-level requirements, with a focus on those requirements which can be particularly challenging. It provides practical guidance on ways to reduce the scope of the standard, making sure you apply the appropriate levels of security that fulfil compliance requirements, which can often reduce costs. You’ll also learn what the standard’s reporting requirements are and whether reporting needs to be done through a qualified security assessor (QSA) or through one of numerous self-assessment questionnaires (SAQs).
This course aims to assist organizations that store, process, communicate or otherwise handle credit or debit card data, whether they are merchants or service providers, to understand the requirements of the PCI DSS v4.0 and how the standard applies to them.
How will I benefit?
This course will help you:
- Understand how compliance with the PCI DSS v4.0 will reduce the risk of a security breach
- Understand the requirements of PCI DSS v4.0 and how to address the 12 requirements
- Understand the different levels of reporting requirements for both merchants and service providers, to help you to report appropriately
- Understand the importance of reducing the scope of PCI DSS assessments
- Understand how workload and costs can be reduced through effective segmentation
- Demonstrate to customers and other stakeholders that you take the security of payment card data seriously
- Understand how PCI DSS can be used to enhance the control set from ISO/IEC 27002
- This course will help organizations understand why they need to comply and how much work is involved in moving from their current situation to being fully compliant.
Who should attend?
This course is ideal for anyone who:
- Has an interest in protecting payment card data and wants to learn how PCI DSS v4.0 can assist
- Wants to understand the main requirements of the standard
- Wishes to understand what the benefits and challenges are of complying with the PCI DSS
- Wants to understand how to reduce the scope of their PCI DSS assessment
- Wants to update their knowledge of the PCI DSS to v4.0
The course is also applicable to representatives from any size or type of organization who are planning to, or currently store, communicate, process, or otherwise handle debit and/or credit card information. The course is equally applicable to any service providers that could impact the security of cardholder data in other organizations.
What will I learn?
At the end of the course, learners will be able to explain the following:
- Explain the purpose of the standard
- Appreciate the rules for protecting cardholder data
- Identify where the standard is applicable
- Appreciate how to reduce the scope of an assessment
- Interpret each of the 12 high-level requirements correctly
- Recognize the different validation options
What’s included?
- This course involves practical activities, group discussions, and classroom learning to help you develop a deeper understanding of the material and have a greater impact on job performance.
- Duration 2-days
On completion, you’ll be awarded an internationally recognized BSI Training Academy certificate.