The Payment Card Industry Data Security Standard (PCI DSS) is the information security standard for organisations that process credit card payments.
It can act as a tool for implementing technical measures for compliance with the General Data Protection Regulation (GDPR).
Our Safeguarding Personal Data with PCI DSS Course will help your employees to understand why it is important, the 12 key requirements for compliance and how to identify, resolve and prevent risks.
Versions available as part of our Compliance Essentials and GDPR Course Libraries.
This course covers the following topics, examples and exercises:
- Examples: Information security breaches
- Consequences of non-compliance
- Exercise: Do you know?
- You make the call: Fact or fiction?
- PCI DSS merchant levels
- You make the call: Distinguishing between merchant levels
- The goals of PCI DSS
- You make the call: PCI DSS goals and requirements
- Exercise: Rules for firewalls and router configurations
- Examples: Malware
- Key features of payment cards
- You make the call: Rules for storing payment card data
- You make the call: Taking action with payment card data
- Masking the PAN and other payment card data
- When is masking required?
- Exercise: Applying the rules
- Safeguarding cardholder data with encryption
- Maintaining a vulnerability management program
- Taking preventive action against malware
- Scenario: Rajan's systems maintenance 1
- Scenario: Rajan's systems maintenance 2
- Exercise: Maintaining secure systems and applications
- Exercise: Change control best practice
- Access control measures
- Exercise: Access control
- You make the call: Identifying and authenticating access to cardholder data
- Exercise: Passwords
- You make the call: Authentication
- Password Pitfalls
- Exercise: Physical access
- Exercise: Procedures for visitors
- Exercise: Signs of tampering
- Recap of the key rules
- Monitoring and testing networks
- You make the call: Penetration testing
- You make the call: Developing the security policy
Duration: approximately 30 minutes.
Suitable for all staff - includes examples and interactivities designed for staff at all levels and best practice do's and don'ts for managers.
No previous knowledge or experience required.
SHARD-compliant, responsive display on all devices, accessibility on screen readers, visual design controlled via a client style sheet.
Ten-question assessment.
Ability to offer optional test-out, whereby users can choose to skip the course content and complete the learning assignment simply through passing the assessment.
Supplementary four-minute iExpress interactive video provided to create awareness and interest in this topic.
AICC and SCORM 1.2-compliant, suitable for both hosted and deployed SCORM or AICC.
Runs on all Windows, Mac OSX, iOS and Android devices (Flash-free for mobile compatibility).
Fully customisable on Skillcast Portal CMS.
Pre-translated versions not available, but all text content can be exported for translation into all languages.
Based on UK legislation, but suitable for global audiences upon the removal of UK-specific references and translation as necessary.