New Horizons of Southern California PCI DSS Training

New Horizons of
Southern California
Invites you to attend
PCI DSS Training
February 6-7, 2014
Hosted by
NetHost Legislation (UK)
New Horizons Computer Learning Centers of Southern California • www.nhsocal.com
VISA, MASTER CARD AND AMERICAN EXPRESS SECURITY STANDARD CERTIFICATION PAYMENT CARD
INDUSTRY DATA SECURITY STANDARD version 3 (PCI DSS) TRAINING
ANY entity that processes Visa card data is required to comply with PCI DSS - this includes banks /
companies. Measures taken against banks / companies that do not comply are confidential - but can
include both fines and in extreme situations disconnection. By Visa International
In its bid to further develop the payment industry and to promote vibrant and reformed e-security and e-service, a result-oriented management culture and high-capacity staff, NetHost Legislation UK has
designed a high-level training on Payment Card Industry Data Security Standard (PCI DSS) Certification
specifically for key players in the financial and payment industry in Southern California.
New Horizons of Southern California is a software and technology training company and is Microsoft and
Cisco’s largest training partner. In 2013, New Horizons was named Microsoft’s Western Region Learning
Partner of the Year and Red Hat Ready’s North American Training Partner of the Year.
Introduction
PCI DSS, the result of the convergence of the respective security standards of Visa, Master Card,
American Express and other payment brands, is here to stay. Moreover, Visa and Master Card are fining institutions
that process/store/transmit payment data for lack of compliance. PCI DSS impacts all companies that
process/store/transmit payment card information.
This A-Z training on PCI DSS is based on PCI Internal Security Assessor (ISA) methodology, and attendees
are equipped with similar knowledge as an ISA. As a result, attendees are able to maintain and facilitate
PCI DSS corporate implementation. It is an intense 2-day training with an exam on the last day; attendees
should have an ICT, audit/control or project management background.
Course Description
The PCI-QSA training program is rich in knowledge and techniques and includes:
• PCI Industry Overview – In-depth coverage of the payment card industry, the terminology used
  to describe its key aspects, the flow of data through the various payment card mechanisms and
  the relationships between the various actors in the process.
• What is PCI and what does it mean to companies that must meet compliance with the DSS? –
  An overview of the payment card industry, the terminology used within the industry, the flow of
  transaction data through the various components that make up the payment card industry, and
  the relationships between the various organizations in the process.
• How the credit card brands differ in their validation and reporting requirements – Detailed
  coverage of the classifications and compliance requirements for merchants and service
  providers and details about the various card brands’ compliance programs.
• Roles and Responsibilities – Descriptions of the key actors in the compliance process, including
  high-level overviews of the Qualified Security Assessor (QSA), Internal Security Assessor (ISA),
  Payment Application Qualified Security Assessor (PA-QSA) and Approved Scanning Vendor (ASV)
  programs.
• PCI Data Security Standard (DSS) – An overview of the current DSS (version 2.0), the testing
  procedures for validating compliance, and what constitutes compliance with the requirements.
• PCI Hardware and Communications Infrastructure – Generalized overview of the types of
  devices used by organizations to accept payment cards and communicate with the verification
  and payment facilities.
• PCI Reporting – An overview of the different types of reports that must be submitted to the card
  brands or their designated agents to demonstrate compliance (or non-compliance) of the
  organizations filing the reports.
• Real-world examples – An overview of compliance issues and mitigation strategies, including
  defining compensating controls, creating policies and modifying the cardholder data
  environment.
• PCI Thresholds and Brand Specific Requirements – Detailed coverage of the classifications and
  compliance requirements for merchants, service providers and vendors and the various specific
  requirements imposed by the various card brands.
• PCI Data Security Specification (DSS) – In-depth training on every aspect of the current DSS,
  including requirements, reasoning and what constitutes compliance with the requirement.
• PCI Code Review and Analysis – In-depth training on executing code reviews and locating
  non-PCI-compliant constructs and procedures in applications that implement payment card
  processing systems.
• PCI Hardware and Communications Infrastructure – In-depth training on the current state of
  typical devices and connectivity used by organizations to accept payment cards and
  communicate with the verification and payment facilities.
• PCI Reporting – In-depth training on constructing and filing the necessary compliance reports
  and techniques for communicating results to those being audited.
Course Content
• PCI Security Council objectives and documentation
• Specific terminology and its application to existing situations
• How the Standard applies to everyone involved with cardholder information
• How the implementation of the Standard is validated, dependent on levels of activity
• Cardholder data that can/cannot be held
• The relevance of different system components
• Detailed requirements of the Standard
• How compliance is assessed and whether compensating controls are acceptable
• Compilation of the Report on Compliance (ROC)
• Special considerations for hosting providers
• An action plan to achieve compliance
Highlights
• Gain an understanding of the importance of the Standard to all organizations using, processing
  or transmitting credit card information
• An appreciation of the controls necessary to be able to continue dealing with cardholder data
• The history of the PCI DSS standard
• Key principles and requirements of the standard
• Compliance with the standard - who does it relate to & at what level?
• The route to compliance - self assessment & audit
• Preparing an implementation plan
The above training program is facilitated by a PCI DSS Qualified Security Assessor (QSA) Company based
in the United Kingdom; moreover, the facilitator is a QSA with extensive years of experience in the information security
compliance industry. Our facilitator has been awarded several accolades: Who is who in science and
technology, Excellence for outstanding contribution to positive image for African and African around
the world (organized by the Mayor of London), and is a member of several international information
security conferences/journals and groups. This is an opportunity to get training by a seasoned
professional QSA and security practitioner, and get answers to ALL your PCI DSS challenges.
Training Season:
Season 1
• Security Breaches and Incident Response
• PCI DSS Overview
• Understanding Card Data
Season 2
• PCI DSS Security Assessors
• Payment Application Data Security Standard
Season 3
• PCI DSS Scoping
• Network Segmentation
Season 4
• PCI DSS 12 Requirements Standard
Season 5
• PCI DSS Validation and Process
• PCI DSS Compliance Reporting
• Compensating Controls
Season 6
• Encryption
• New PCI DSS Guidelines (mobile payment)
Season 7
• PCI DSS Implementation Stages
• END of Training
• Question and Answer
Season 8
• Attendance Test
• Certification Consultation Follow up
Time          DAY 1          DAY 2
09:00-10:30   Season 1       Season 5
10:30-10:50   Coffee Break   Coffee Break
10:50-12:00   Season 2       Season 6
12:00-13:30   Lunch          Lunch
13:30-14:30   Season 3       Season 7
14:30-14:50   Coffee Break   Coffee Break
14:50-16:30   Season 4       Season 8
TRAINING EXAM STRUCTURE
• Open Book
• 20 Questions - multiple choice and essay
• Time Duration - 1 hour 30 minutes
• Certificates will be issued for exam grade over 69% ONLY
• All Certificates will be emailed
CERTIFICATION
On successful completion of the program you will be awarded: International Certificate issued by NetHost
Legislation (UK) Ltd.
WHO THE CERTIFICATION WILL BENEFIT
• Card issuers and processors
• Top and middle management from the banking and financial system
• Heads of Operations
• Heads of Internal and External Audit
• Compliance Managers
• Compliance Officers
• Head of IT & Security
• Staff from Operations Department, Compliance Department, IT & Security Department, Internal and
  External Audit Department
ADMISSION REQUIREMENTS
Have the ability to complete the reading and written aspects of the program in English.
TRAINING VENUES
Orange County: 1900 S. State College Blvd, Suite 100, Anaheim, CA 92806
Los Angeles: 100 Corporate Pointe, Suite 270, Culver City, CA 90230
San Diego: 7480 Miramar Road, Building B, Suite 202, San Diego, 92126
An OnLine LIVE platform is used to deliver the training to other students within the United States.
REGISTRATION PROCEDURE
The fee for this 2-day PCI DSS training is 750 USD per delegate. Kindly provide the company name and the names of the delegates
attending to the contact below, and an invoice will be sent.
Contact Person
Tina Travierso – 858-880-2502 or [email protected]