PCI Implementation & Maintenance Training Course
The Payment Card Industry Data Security Standard (PCI DSS) is administered by the PCI Security Standards Council (PCI SSC) with the specific objectives of decreasing payment card fraud across the internet and increasing the security of confidential payment card information.
Every organisation that stores, transmits or processes cardholder data must comply with the PCI DSS standard. Compliance with the standard is regulated and enforced by payment card brands (VISA, MasterCard, American Express) directly or through their partner relationships with ‘acquirer’ banks.
Delivered by an experienced PCI Qualified Security Assessor, the PCI Implementation & Maintenance training course is a 2-day session designed to provide delegates with the knowledge needed to plan and implement a complete programme of activities that fully satisfy the requirements of PCI DSS v3.0.
Ensure Your Organisation Achieves PCI DSS Compliance - book on the PCI Implementation & Maintenance training course today
Our PCI DSS training approach
The key to achieving compliance with PCI DSS is to fully understand the technical and business requirements and how to meet these requirements while minimising the cost and time involved.
Using practical examples and real-life case studies, our PCI DSS trainer will guide you through a proven methodology designed to ensure that you select the correct ‘route to compliance’, identify the exact requirements using gap analysis and create an effective implementation plan.
This course will also feature the use of our unique PCI DSS Documentation Compliance Toolkit which provides all of the documentation templates for the mandatory PCI DSS policies, implementation guidelines and guidance on integrating with ISO27001 - the international standard for an information security management system.
Who should attend the PCI Implementation & Maintenance course?
This course is designed for individuals who are responsible for ensuring that their organisation becomes fully compliant with the technical and business requirements of the PCI DSS standard. The course would also benefit external consultants seeking to provide PCI implementation advice to their respective client organisations.
Please note this course is largely technical in nature and assumes that delegates have some knowledge of PCI DSS and the technical controls associated with information security.
What will you learn on the PCI Implementation & Maintenance course?
Delegates attending this course will learn the following:
- How to satisfy the requirements of PCI DSS compliance as defined by your payment card brand and your acquiring bank.
- Full knowledge of the PCI DSS standard and an understanding of the key PCI DSS terms and roles including Acquirer, Merchants, Service Providers, SAQ and QSA.
- Details of the new PCI DSS v3.0 standard and its implications for all organisations
- Identify Your Route to Compliance by Self-Assessment or Audit by a Qualified Security Assessor (QSA).
- Define your cardholder data environment (CDE) and learn how to minimise it to ensure effective compliance and security of confidential payment card information.
- Understand the 6 key PCI DSS Control Objectives and the 12 mandatory sub-requirements that they define.
- Create and manage a PCI DSS Implementation plan that includes Scoping, Gap Analysis, Remediation and Internal/External Audit.
The PCI DSS Implementation & Maintenance course includes the following topics:
- Recap of the Requirements of PCI DSS
- PCI DSS v3.0 new requirements
- Key Definitions and Roles
- The Route to Compliance – Self Assessment (SAQ) or Audit and Report on Compliance (RoC)
- Which Self-Assessment Questionnaire (SAQ) Applies to Your Organisation
- Determine the Scope Of Your Card Holder Data Environment
- Conducting a Gap Analysis
- PCI DSS Control Objectives
- Build & Maintain a Secure Network
- Protect Cardholder Data
- Vulnerability Management Program
- Access Control
- Monitor & Test Networks
- Information Security Policy
- Planning Key Remediation Activities
- The Importance of Auditing
This course prepares delegates for an examination on the last day of the training programme. Successful candidates will be awarded the PCI Implementation & Maintenance (PCI IM) qualification by the International Board for IT Governance Qualifications (IBITGQ).
Our PCI DSS Credentials
IT Governance Ltd is a Qualified Security Assessor (QSA) company that has been approved by the PCI Security Standards Council (PCI SSC). In our capacity as a QSA company, our principal role is to ensure that an organisation is fully compliant with the requirements as specified in the Payment Card Industry Data Security Standard.
As an approved QSA company, our employees must include a number of individuals who are Qualified Security Assessors that are trained and qualified to audit and validate an entity’s adherence to the PCI DSS standard.
Our status as an approved QSA company underpins our range of PCI DSS training courses and our PCI DSS consultancy services which include project scoping, gap analysis, remediation support and onsite auditing.
Are there entry requirements?
While there are no formal entry requirements, we assume that all delegates have some knowledge of PCI DSS and the technical controls associated with information security. This knowledge may have been acquired through reading or by attending our introductory PCI Foundation training course.
We recommend that all delegates download (free) and read the Payment Card Industry Data Security Standard (PCI DSS) document from the PCI SSC website.
This PCI DSS training course includes:
- Lunch and refreshments
- Full course materials (digital copy provided as PDF file)
- Certificate of attendance
- The PCI IM exam
This course is non-residential, but we can help you to find a hotel close to the training venue. To take advantage of this offer, drop us an email after you book your course.
How to book?
View available training dates and book online using the form at the top of this page.
To discuss your learning needs with our training experts, call us on +44 (0)845 070 1750.
Or download our booking form, complete it and fax it to us on +44 (0) 1353 662667.
We accept purchase orders from local authorities, government departments, and other public sector organisations and will consider account facilities for large corporate customers. See our payment options page for details.
This course can also be delivered in-house.
Don’t miss out on …
Our free green paper PCI DSS FAQs
All bookings are subject to our terms and conditions.