PCI DSS Implementation Workshop

This workshop gives your employees the knowledge needed to implement the requirements of PCI DSS version 3.2, the latest version, in an organization. Through case studies, the workshop covers the intent of each requirement and gives practical examples of how to implement it in different environments.

The course is highly participative and follows a tested format that alternates lecture sessions with case study exercises in breakout groups. The content covers PCI DSS background and the consequences of non-compliance; scoping and an overview of the 12 requirements; the relationship between PCI and PA-DSS, P2PE, PCI PTS and PCI PIN; PCI compliance for e-commerce, virtualization and mobile payment acceptance; case studies with detailed discussion of each requirement; and a closing discussion (experiences, information sharing, questions and answers).

Course Syllabus

  • Introduction to Payment Ecosystem.
  • Basic Concepts, Background and Recent Events, PCI Security Standards Council.
  • Route to Compliance.
  • Compliance Validation, Requirements and Process, PCI DSS, PA-DSS and PCI Risk Assessment Overview, Finding PAN and Tracking Data.
  • PCI DSS Risk Assessment and Scoping.
  • Build and maintain a Secure Network, Installing and Maintaining a Firewall Configuration, Network Segmentation, and Secure Device Configurations.
  • Protect Stored Cardholder Data, Encrypt Transmission of Cardholder Data across open, public networks.
  • Secure Payment Application Development.
  • Payment industry accepted access control practices.
  • Restrict physical access to cardholder data.
  • Logging in PCI requirement 10, Tools for Logging in PCI, Auditing network and data access, SIEM and Log Management.
  • Testing your monitoring systems and processes, Maintain information security policy, Policies and procedures.
  • Whose responsibility is it? Incident response, Mobile, Tokenization, Virtualization and Cloud and their impact on Payment Security.
  • Group Activity & Exercise.
  • Closing discussion.

Who Should Attend?

  • Implementation team of the PCI DSS project.
  • Team members from Networking, Application Development, Project Management, Information Security, Risk, IT Infrastructure, Compliance and Business.
