PCI DSS Compliance Training Course

The Payment Card Industry Data Security Standard (PCI DSS) is the information security standard for organisations that process credit card payments.

These standards apply to any company with a Merchant ID that processes, stores or transmits data. PCI DSS can act as a tool for implementing technical measures for the General Data Protection Regulation (GDPR) compliance.

Our Safeguarding Personal Data with PCI DSS Course will help your employees to understand why it is important, the 12 key requirements for compliance and how to identify, resolve and prevent risks.

Start a Free Trial

Chevron Skillcast chevron graphic
PCI DSS Compliance Training Course

About this Course

Available as part of our Compliance Essentials and GDPR Library.

Learning objectives

This course will prepare your employees to:

  • Raise your awareness of PCI Data Security Standard (DSS)
  • Appreciate why it is important
  • Recognise the key requirements
  • Identify what action you need to take to ensure PCI compliance

Latest course updates

Full design review conducted by a PCI DSS expert.

  • Text & image updates throughout the course
  • New pages, activities & scenarios
  • Penetration testing procedures aligned with current legislation
  • Updated scenarios & learning activities
  • New 30-question post-course assessment

Course Outline


PCI DSS basics

- The PCI ecosystem

Why is PCI DSS important?

- Examples: Information security breaches
- Consequences of non-compliance
- You decide: Do you know?
- You decide: Fact or fiction?

How PCI DSS works

- PCI DSS merchant levels
- You decide: Merchant levels
- The goals of PCI DSS
- You decide: PCI DSS goals & requirements

Requirement 12: Maintain an information security policy

- You decide: Developing the security policy

Requirement 1: Install & maintain a firewall

- You decide: Rules for firewalls & router configurations

Requirement 2: Don't use defaults for system passwords & other security parameters

- Examples: Malware

Requirement 3: Protect stored cardholder data

- Key features of payment cards
- You decide: Rules for storing payment card data
- You decide: Taking action with payment card data
- Masking the PAN and other payment card data
- When is masking required?
- You decide: Applying the rules

Requirement 4: Encrypting the transmission of cardholder data

- Safeguarding cardholder data with encryption

Maintaining a vulnerability management program

Requirement 5: Use & regularly update anti-virus software

- Taking preventive action against malware
- Scenario: Rajan's systems maintenance

Requirement 6: Develop and maintain secure systems & applications

- You decide: Maintaining secure systems & applications
- You decide: Change control best practice
- Access control measures

Requirement 7: Restrict access to cardholder data by business need to know

- You decide: Access control

Requirement 8: Assign a unique ID to each person with computer access

- You decide: Identifying & authenticating access to cardholder data
- You decide: Passwords
- You decide: Authentication
- Password pitfalls

Requirement 9: Restricting physical access to cardholder data

- You decide: Physical access
- You decide: Procedures for visitors
- You decide: Signs of tampering
- Recap of the key rules
- Monitoring & testing networks

Requirement 10: Track & monitor all access to network resources & cardholder data

Requirement 11: Test security systems & processes

- You decide: Penetration testing




Course Specifications



Approximately 60-minute long e-learning course followed by a 10-question assessment.



Suitable for all staff - includes examples and interactivities designed for staff at all levels and best practice do's and don'ts for managers. No previous knowledge or experience is required.



SHARD-compliant, responsive display on all devices, accessibility on screen readers, visual design controlled via a client style sheet.



Supplementary four-minute iExpress interactive video provided to create awareness and interest in this topic.



All Windows, Mac OSX, iOS, Android (Flash-free for mobile compatibility). AICC and SCORM 1.2-compliant, suitable for both hosted and deployed SCORM or AICC.



Fully customisable on Skillcast Portal CMS.



Pre-translated versions not available, but all text content can be exported for translation into all languages.



Based on UK legislation, but suitable for global audiences upon the removal of UK-specific references and translation as necessary.

Try our courses for free...

Compliance Essentials Library is our best-selling comprehensive corporate training solution.

100+ e-learning and microlearning courses that help companies from SMEs to multinationals achieve compliance success.

Start a Free Trial

Chevron Skillcast chevron graphic
Compliance Essentials