Skip to Main Content
This website uses cookies. View our cookie policy
United Kingdom
Select regional store:
PCI DSS Implementation Training Course | Qualified Security Assessor Company

PCI DSS Implementation Training Course

SKU: 4178

Building on the PCI DSS Foundation course, this three-day training course has a deeper focus on the PCI DSS (Payment Card Industry Data Security Standard) and its implementation. The course is aimed at those who are responsible for implementing and managing the PCI DSS. This course is fully updated for the recently released PCI DSS v3.2.


Achieve the PCI DSS Implementation (PCI IM) qualification. Exam included in course. This course qualifies for 21 CPD/CPE points.

Course duration:

3 days

UK locations:

London, Birmingham, Belfast, Manchester, Southampton

Worldwide locations:


Step 1 - Select location
Step 2 - Select date
Price: £1,195.00
ex vat
Step 3 - Select quantity

The PCI DSS Implementation training course outline

This three-day course, fully updated for PCI DSS (Payment Card Industry Data Security Standard) v3.2, provides a comprehensive introduction to the Standard and delivers practical guidance on all aspects of implementing a PCI DSS compliance program.

Practical guidance and real-world examples will be taught, providing attendees with a full understanding of how to implement the different aspects of a PCI programme.

The benefits of the PCI DSS Implementation course

  • Learn in-depth about the PCI DSS assessment, test procedures and reporting requirements.
  • Understand the differences between SAQs (self-assessment questionnaires) and their usage.
  • Gain insight into a QSA auditor’s perspective on scoping and reduction, gap analysis, remediation and auditing issues.
  • Take part in interactive sessions that will allow attendees to ask questions relating to their own organisation and cardholder environment.
  • Gain an expert view on how to create a compensating control and what situations may or may not be appropriate for such controls.
  • Understand the effects of new technology on PCI DSS compliance.

The PCI DSS Implementation course pass rate

The average pass rate for this course is 90%.

Who should attend this course?

This course is designed for individuals responsible for implementing all or part of the technical and business requirements of the Standard, for example:

  • Information security managers
  • Security engineers
  • IT directors
  • PCI DSS project managers

This course is also suitable for consultants seeking to provide PCI implementation advice to their respective client organisations.

If you require an introductory course that will provide you with an overview of the fundamentals of PCI DSS compliance, please see our one-day PCI DSS Foundation Training Course.

Why choose IT Governance for your training needs?

IT Governance Ltd is a QSA (Qualified Security Assessor) approved by the PCI SSC (Security Standards Council), which means we regularly audit PCI compliance in a wide range of organisations.

By choosing us for PCI training you will benefit from our wealth of practical experience gained as a QSA.

Our course provides a practical, hands-on approach, allowing attendees to gain a clear understanding of the PCI DSS and the tools needed to apply that knowledge in their organisation’s payment environment.

Course details

What does the PCI DSS Implementation training course cover?

The course will cover:

  • Outline of payment processes
  • PCI DSS Ecosphere
  • Why the PCI DSS?
  • Where does it apply?
  • The six control objectives
  • The 12 requirements
  • Compliance and enforcement
  • Remediation and non-compliance
  • Compliance structures
  • Self-assessment or audit?
  • Scoping principles of the PCI DSS
  • How to scope for the PCI DSS
  • Scope reduction
  • The 12 Requirements
  • Practical implications of the PCI DSS
  • Documentation and evidence
  • Managing a PCI DSS project
  • How to gain compliance
  • The prioritised approach
  • What is ‘business as usual’?
  • Going beyond the PCI DSS controls

Course agenda

  • The purpose of the PCI DSS and the requirement for protection of cardholder data.
  • PCI DSS objectives and intent.
  • Related PCI standards and programmes.
  • Understand how PCI DSS compliance is enforced by the payment brands.
  • Compliance needs for merchants and service providers. Explanation of the different levels.
  • Understand how compliance to the standard must be reported by merchants and service providers.
  • Overview of the 12 standard requirements.
  • Technical Implementation of the requirements.
  • Use of IT Governance PCI DSS Documentation Toolkit.
  • Project management.
  • Maintaining compliance.
  • Additional considerations for: call centres, encryption, software development, mobile payments, skimming.

What’s included in this course?

Professional training venue with lunch and refreshments, exercises and case study handouts, comprehensive revision documentation (digital copy provided as PDF file), and a Certificate of attendance.

What equipment should I bring?

The exam is an online exam. You will need to bring a ‘pop-up enabled’ laptop/tablet to the venue. Full details on how to access the exam will be provided by email 1–2 days before sitting the exam.

Course duration and times

Day 1: 9.30 am – 5:00 pm
Day 2: 9.30 am – 5:00 pm
Day 3: 9.30 am– 5:00 pm (exam), 5:30 pm (optional consultancy session)

CPD points

This course qualifies for 21 CPD/CPE points.

PCI DSS Implementation Training Course cost

The course costs £1195 ex VAT.

Exams and qualifications

PCI DSS Foundation exam

This course prepares attendees for an optional examination on the last day of the training programme.

What qualifications will I receive?

Successful candidates will be awarded the PCI DSS Implementation (PCI IM) qualification by IBITGQ (the International Board for IT Governance Qualifications).

How will I receive my exam results and certificates?

For both online and paper exams, certificates for those who have achieved a passing grade will be issued within 10 working days from the date of the exam. Results notifications and certificates are sent directly to candidates by the relevant exam board in electronic format; please note that hard copy exam certificates are not issued.

Can exams be retaken?

Yes, you can retake the exam at an extra cost if you are unsuccessful on the first attempt. You can email us to schedule the retest for the exam.


Are there any prerequisites for this course?

There are no pre-requisites for sitting this course.

Is there any pre-reading?

We recommend that all attendees download and read the free PCI DSS document from the PCI SSC website. You may also benefit from advance reading of the following introductory guide: PCI DSS – A Pocket Guide.

Customer Reviews

(5.00)stars out of 5
# of Ratings: 1
1. on 01/09/2017, said:
5 stars out of 5
Extremely well delivered with good content on the subject matter and the chance to workshop specific scenarios.
Was this comment helpful?
(1 people found this comment helpful, 3 did not)
Showing comments 1-1 of 1