The Payment Card Industry Data Security Standard (PCI DSS) is a focused, comprehensive set of controls for managing the risks surrounding payment card transactions. It applies to all entities that process, store or transmit cardholder data, and it is also mandated by the Reserve Bank of India.
This course is designed to introduce the PCI DSS family of standards, and then do a deep-dive into the 12 Requirements and each control. The trainer will share a wealth of practical information, case studies, and examples to explain the controls.
Who should attend?
- Managers overseeing PCI DSS compliance
- External auditors performing PCI DSS validation
- Security professionals operating in a PCI DSS compliant environment
- Internal auditors desiring to validate interim compliance
- IT staff, project managers & Risk Managers
Why should you attend?
Upon completing this course, delegates will be able to:
- Understand the requirements of Payment Card Industry’s Data Security Standard (PCI DSS) in depth
- Understand the implementation challenges
- Understand the right tools and techniques to help address some of the critical control requirements.
- Move ahead with compliance not just to PCI DSS, but also with the RBI guidelines
- This certification demonstrates proficiency in payment card industry data security implementation
- Certification will be awarded by the Institute Of Information Security
- We will provide 21 CPE credits for CISA/CISSP/CISM
- This certification provides significant value-addition to your career
- A very strong emphasis is placed on case studies and examples from the industry
Note: This certification and the training material are not in any way endorsed by the PCI Council.
- About PCI SSC
- About Cardholder Data
- About other PCI Standards - relationship between DSS, PA-DSS & PTS
- Why PCI DSS?
- Scope and applicability
- Prioritized approach document
- PCI DSS versions and changes made
- Reference documents from PCI SSC - Information Supplements
- Understanding 'Scoping' for PCI DSS
- Types and Roles of entities in the picture - QSAs, ASVs, PFIs etc.
- QSA / ISA assessments
- SAQ Types
- Best practices for storage
- Scope and overview of 12 requirements of PCI DSS
- Understanding the 'Self-Assessment Questionnaire (SAQ)'
- Understanding Report on Compliance for PCI DSS
- Understanding the overall Compliance Process
- Shared hosting providers
- Mobile Devices
- Cloud Infrastructure
- Applicability Criteria
- Admissibility Criteria