If you accept card payments, you need to be PCI DSS compliant
The PCI DSS (Payment Card Industry Data Security Standard) applies to all merchants and service providers that transmit, process or store payment card data. If your organisation accepts card payments, your bank or merchant account provider, card payment gateway or merchant acquirer holds you to account and can perform audits. If you’re unsure whether you would be compliant, then you need training.
The banks and merchant acquirers that provide your card payment technology are under direct scrutiny by enforcement authorities, and they pass down risk via their terms and conditions with you. The PCI DSS is designed to reduce payment card fraud using security controls that protect cardholder data.
There are three things you must have to comply:
- Specialist knowledge of the 12 technical requirements and 6 control objectives.
- Systems and processes that implement those requirements and objectives.
- A formal staff awareness programme.
If you haven’t updated your systems to comply with version 4.0 of the Standard, you’ll need to transition before 31 March 2024.
In version 4.0, there is an increased focus on creating a security awareness culture, and more detailed requirements for systems and processes to maintain access control and manage vulnerabilities.
IT Governance offers everything you need:
- Transition courses to help you understand the changes from v3.2.1 to v4.0.
- Foundation courses to get you started.
- Lead Implementer courses for those leading or managing PCI DSS implementation.
- Staff awareness courses to help you comply with Clause 12.6 of PCI DSS v4.0 – both self-paced e-Learning courses and bespoke courses with specific additional content.
All our PCI DSS courses are designed by PCI QSAs (Qualified Security Assessors).
All our courses are certified and qualify for CPD points.
If you can’t find what you need in the shop in your country, contact our global sales team. All the courseware is available in English in a self-paced online format as a minimum.
In most cases, we will be running live instructor-led courses in your time zone so you can join in person or Live Online. We also offer customised courses for organisations with specific content, including practice exercises and interactive community features. See the in-house training page for more information.
PCI DSS staff awareness
We provide staff awareness e-learning courses, Live Online, classroom and in-house training courses for all levels, from foundation to advanced courses for IT practitioners and lead implementers seeking compliance with the Standard.
This interactive e-learning course has been designed to increase employees’ awareness of the PCI DSS requirements, and to provide clear and simple explanations of their obligations.
It will help ensure that all employees are taking the correct steps to protect themselves, their organisation and their customers.
Shop now
Speak to a PCI DSS expert
Get in touch with one of our specialists today for more information about our PCI DSS consultancy and technical security services, or to get a tailored quote for your organisation.
Speak to an expert