PCI-DSS Practitioner Training Course
This instructor-led, live Payment Card Industry Professional training (online or onsite) provides an individual qualification for industry practitioners who wish to demonstrate their professional expertise and understanding of the PCI Data Security Standard (PCI DSS).
By the end of this training, participants will be able to:
- Understand the payment process and the PCI standards designed to protect it.
- Understand the roles and responsibilities for entities involved in the payment industry.
- Have deep insight into, and understanding of, the 12 PCI DSS requirements.
- Demonstrate knowledge of PCI DSS and how it applies to organizations that are involved in the transaction process.
Format of the Course
- Interactive lecture and discussion.
- Lots of exercises and practice.
- Hands-on implementation in a live-lab environment.
Course Customization Options
- To request a customized training for this course, please contact us to arrange.
Course Outline
Introduction
Understanding PCI-DSS
- Introduction to PCI-DSS
- Importance of PCI-DSS compliance
- Key objectives of PCI-DSS
PCI-DSS Standards and Requirements
- Overview of PCI-DSS requirements
- The 12 PCI-DSS requirements
- Build and maintain a secure network and systems
- Protect cardholder data
- Maintain a vulnerability management program
- Implement strong access control measures
- Regularly monitor and test networks
- Maintain an information security policy
PCI-DSS Compliance and Assessment
- PCI-DSS compliance process
- Roles and responsibilities in PCI-DSS compliance
- Types of PCI-DSS assessments (SAQ, ROC)
- Working with Qualified Security Assessors (QSAs)
Scoping and Segmentation
- Defining the cardholder data environment (CDE)
- Scoping PCI-DSS
- Network segmentation and its importance
Building and Maintaining a Secure Network
- Firewalls and router configurations
- Securing network components
- Wireless networking security
Protecting Cardholder Data
- Data encryption and masking techniques
- Protecting stored cardholder data
- Secure transmission of cardholder data
Maintaining a Vulnerability Management Program
- Regular updates and patch management
- Identifying and mitigating vulnerabilities
- Anti-virus and anti-malware solutions
Implementing Strong Access Control Measures
- Access control policies and procedures
- Managing user access and authentication
- Physical security controls
Regularly Monitoring and Testing Networks
- Monitoring network traffic and logs
- Conducting vulnerability scans
- Penetration testing best practices
Maintaining an Information Security Policy
- Developing and implementing security policies
- Security awareness training for employees
- Incident response planning
Preparing for a PCI-DSS Audit
- Preparing documentation and evidence
- Conducting internal audits
- Addressing non-compliance issues
Summary and Next Steps
Requirements
- Understand the online payment concept
- Network Fundamentals
- Basics of Information Security
- Work experience in an IT or IT-related role
Open Training Courses require 5+ participants.
PCI-DSS Practitioner Training Course - Booking
PCI-DSS Practitioner Training Course - Enquiry
PCI-DSS Practitioner - Consultancy Enquiry
Consultancy Enquiry
Testimonials (5)
examples taken from real life, digressions, exercises were useful plus the opportunity to ask questions at every stage
Karolina - Amer Sports Poland
Course - Governance, Risk Management & Compliance (GRC) Fundamentals
Machine Translated
The fact that there were practical examples with the content
Smita Hanuman - Standard Bank of SA Ltd
Course - Basel III – Certified Basel Professional
The trainer was extremely clear and concise. Very easy to understand and absorb the information.
Paul Clancy - Rowan Dartington
Course - CGEIT – Certified in the Governance of Enterprise IT
The trainer was very motivated and knowledgeable. The trainer was not only capable of information transfer, she also brought it with humor to lighten the dry theoretical training subject.
Marco van den Berg - ZiuZ Medical B.V.
Course - HIPAA Compliance for Developers
I genuinely enjoyed the real examples of the trainer.
Joana Gomes
Course - Compliance and the Management of Compliance Risk
Provisional Courses
Related Courses
Basel III – Certified Basel Professional
21 HoursDescription:
Basel III is a global regulatory standard on bank capital adequacy, stress testing and market liquidity risk. Having initially been agreed upon by the Basel Committee on Banking Supervision in 2010–11, changes to The Accord have extended implementation to 31st March 2019. Basel III strengthens bank capital requirements by increasing bank liquidity and decreasing bank leverage.
Basel III differs from Basel I & II in that it requires different levels of reserves for different forms of deposits and other types of borrowings, so it does not supersede them so much as it does work alongside Basel I and Basel II.
This complex and constantly changing landscape can be hard to keep up with, our course and training will help you manage likely changes and their impact on your institution. We are accredited with and a training partner to the Basel Certification Institute and as such the quality and suitability of our training and material is guaranteed to be up to date and effective
Objectives:
- Preparation for the Certified Basel Professional Examination.
- Define hands-on strategies and techniques for the definition, measurement, analysis, improvement, and control of operational risk within a banking organization.
Target Audience:
- Board members with risk responsibilities
- CROs and Heads of Risk Management
- Members of the Risk Management team
- Compliance, legal and IT support staff
- Equity and Credit Analysts
- Portfolio Managers
- Rating Agency Analysts
Overview:
- Introduction to Basel norms and amendments to the Basel Accord (III)
- Regulations for market, credit, counterparty and liquidity risk
- Stress testing for various risk measures including how to formulate and deliver stress tests
- The likely effects of Basel III on the international banking industry, including demonstrations of its practical application
- Need For The New Basel Norms
- The Basel III Norms
- Objectives of The Basel III Norms
- Basel III – Timeline
Certified Fraud Examiner (CFE) Preparation
70 HoursThis instructor-led, live training in Poland (online or onsite) is aimed at advanced-level professionals who wish to gain a comprehensive understanding of fraud examination concepts and prepare for the Certified Fraud Examiner (CFE) exam.
By the end of this training, participants will be able to:
- Gain comprehensive knowledge of fraud examination principles and the fraud examination process.
- Learn to identify, investigate, and prevent various types of financial fraud schemes.
- Understand the legal environment related to fraud, including the legal elements of fraud, relevant laws, and regulations.
- Acquire practical skills in conducting fraud investigations, including evidence collection, interviewing techniques, and data analysis.
- Learn to design and implement effective fraud prevention and deterrence programs within organizations.
- Gain confidence and knowledge to successfully pass the Certified Fraud Examiner (CFE) exam.
CGEIT – Certified in the Governance of Enterprise IT
28 HoursDescription:
This four day event (CGEIT training) is the ultimate preparation for exam time and is designed to ensure that you pass the challenging CGEIT exam on your first attempt.
The CGEIT qualification is an internationally recognised symbol of excellence in IT governance awarded by ISACA. It is designed for professionals responsible for managing IT governance or with significant advisory or assurance responsibility for IT governance.
Achieving CGEIT status will provide you with wider recognition in the marketplace, as well as increased influence at executive level.
Objectives:
This seminar has been designed to prepare Delegates for the CGEIT examination by enabling them to supplement their existing knowledge and understanding to be better prepared to pass the exam, as defined by ISACA.
Target Audience:
Our training course is for IT and business professionals, with significant IT governance experience who are undertaking the CGEIT exam.
Compliance for Payment Services in Japan
7 HoursThis instructor-led, live training in Poland (online or onsite) is aimed at payment services compliance professionals who wish to create, implement, and enforce a compliance program within an organization.
By the end of this training, participants will be able to:
- Understand the rules set forth by government regulators for payment service providers.
- Create the internal policies and procedures needed to satisfy government regulations.
- Implement a compliance program that adheres to relevant laws.
- Ensures that all corporate processes and procedures comply with the compliance program.
- Uphold the business's reputation while protecting it from lawsuits.
Cybersecurity Governance, Risk & Compliance (GRC)
14 HoursThis instructor-led, live training in Poland (online or onsite) is aimed at intermediate-level cybersecurity professionals who wish to enhance their understanding of GRC frameworks and apply them to secure and compliant business operations.
By the end of this training, participants will be able to:
- Understand the key components of cybersecurity governance, risk, and compliance.
- Conduct risk assessments and develop risk mitigation strategies.
- Implement compliance measures and manage regulatory requirements.
- Develop and enforce security policies and procedures.
Governance, Risk Management & Compliance (GRC) Fundamentals
21 HoursCourse goal:
To ensure that an individual has the core understanding of GRC processes and capabilities, and the skills to integrate governance, performance management, risk management, internal control, and compliance activities.
Overview:
- GRC Basic terms and definitions
- Principles of GRC
- Core components, practices and activities
- Relationship of GRC to other disciplines
HIPAA Compliance for Developers
7 HoursHIPAA (Health Insurance Portability and Accountability Act of 1996) is a legislation in the United States that provides provisions for data privacy and security for handling and storing medical information. These guidelines are a good standard to follow in developing health applications, regardless of territory. HIPAA compliant applications are recognized and more trusted globally.
In this instructor-led, live training (remote), participants will learn the fundamentals of HIPAA as they step through a series of hands-on live-lab exercises.
By the end of this training, participants will be able to:
- Understand the basics of HIPAA
- Develop health applications that are compliant with HIPAA
- Use developer tools for HIPAA compliance
Audience
- Developers
- Product Managers
- Data Privacy Officers
Format of the Course
- Part lecture, part discussion, exercises and heavy hands-on practice.
Note
- To request a customized training for this course, please contact us to arrange.
HiTrust Common Security Framework Compliance
14 HoursThis instructor-led, live training in Poland (online or onsite) is aimed at developers and administrators who wish to produce software and products that are HiTRUST compliant.
By the end of this training, participants will be able to:
- Understand the key concepts of the HiTrust CSF (Common Security Framework).
- Identify the HITRUST CSF administrative and security control domains.
- Learn about the different types of HiTrust assessments and scoring.
- Understand the certification process and requirements for HiTrust compliance.
- Know the best practices and tips for adopting the HiTrust approach.
Compliance and the Management of Compliance Risk
21 HoursAudiance
All staff who need a working knowledge of Compliance and the Management of Risk
Format of the course
A combination of:
- Facilitated Discussions
- Slide Presentations
- Case Studies
- Examples
Course Objectives
By the end of this course, delegates will be able to:
- Understand the major facets of Compliance and the national and international efforts being made to manage the risk related to it
- Define the ways in which a company and its staff might set up a Compliance Risk Management Framework
- Detail the roles of Compliance Officer and Money Laundering Reporting Officer and how they should be integrated into a business
- Understand some other “hot spots” in Financial Crime – especially as they relate to International Business, Offshore Centres and High-Net-Worth Clients