PCI-DSS-Awareness

PCI-DSS (Payment Card Industry Data Security Standard) Awareness and Implementation

Course Overview

The Payment Card Industry Data Security Standard (PCI DSS) was developed to encourage and enhance cardholder data security and to facilitate the broad adoption of consistent data security measures globally. It applies to all merchants and service providers that transmit, process or store payment card data.

This course primarily focuses on why PCI DSS compliance is required of professionals working on projects and security controls that must comply with the PCI Data Security Standard (PCI DSS), and explains what the PCI Standards do to mitigate and prevent data breaches.

This course is based on the guidelines of PCI-DSS compliance best practices and teaches how to successfully implement the standard to identify and minimize card breaches and reduce the risk of data loss.

Upon completion of this training program, professionals will gain the skills and knowledge necessary to cover:

  • PCI-DSS (Payment Card Industry Data Security Standard) overview
  • Understand the workings of the payment card industry
  • Roles and responsibilities of the Internal Security Assessor (ISA), Qualified Security Assessor (QSA), and Approved Scanning Vendor (ASV) programs
  • Learn the relationship between the PCI-DSS standard and other standards
  • How to establish PCI compliance
  • Understand how data breaches are carried out, how to build robust systems that are immune to breaches, and how to maintain a vulnerability management program
  • Understand and develop the processes to be followed to store and transmit cardholder data and to maintain strong access control measures
  • How to report issues

Who Should Attend

The program is ideal for those working in positions such as, but not limited to:

  • Information Security Managers, Security Engineers, IT Directors, Project Managers or anyone working on PCI compliance requirements.

Course Duration

  • 16 Hours (2 Days * 8 Hours)

Course Content / Outline

  • Introduction and PCI Data Security Standard Overview
  • PCI-DSS Ecosphere and its applications
  • Relationship between PCI DSS and other standards
  • Compliance Validation, Requirements and Process
  • Payment Transaction Flow
  • Scoping the Cardholder Data Environment
  • The 12 requirements / segmentation
  • Protect Cardholder Data
  • Develop & Maintain Secure Systems and Access Controls
  • Maintain a Vulnerability Management Program
  • Monitor & Test Systems
  • SIEM and Log management
  • Maintain an Information Security Policy
  • Payment security challenges on mobile and best security practices