Certified PCI-DSS Implementation Expert (CPIE)

Certified PCI-DSS Implementer Expert (CPIE)

By their nature, credit cards contain their users’ sensitive personal data, which cybercriminals are all too eager to steal. That’s why PCI DSS is designed to protect card users from the unwanted exposure of cardholder data and sensitive information. It defines required and suggested controls for organizations that store, process, or transmit cardholder or related sensitive data. This course explains PCI DSS requirements in the context of the larger framework of information security, and will help organizations understand the motivation for each requirement. Over the past few years, several high-profile and incredibly damaging data breaches have underscored the need for the PCI DSS and for comprehensive training to ensure best practices and to protect cardholders from cybertheft.

Why should you attend?

During this training course, you will acquire an in-depth understanding of the PCI DSS standard to ensure better protection of cardholder data. You will be able to carry out a baseline review of your organization’s current position with regard to PCI DSS ver. 3.2.1, and to interpret the requirements of PCI DSS ver. 3.2.1 from an implementation perspective in the context of your organization.

Based on practical information, case studies and examples to explain the controls, you will be able to master audit techniques and become competent to manage an audit program, audit team, communication with customers, and conflict resolution.

After acquiring the necessary expertise to perform this audit, you can sit for the exam and gain the “Cybernetic Certified PCI-DSS Implementation Expert (CPIE)” credential. By holding a CPIE Certificate, you will demonstrate that you have the capabilities and competencies to implement PCI-DSS and assess organizations based on PCI-DSS v3.2.1.

Who should attend?

  • Managers overseeing PCI DSS compliance
  • External auditors performing PCI DSS validation
  • Security professionals operating in a PCI DSS compliant environment
  • Internal auditors desiring to validate interim compliance
  • IT staff, project managers & Risk Managers

Learning Objectives

  • Learn in-depth about the PCI DSS assessment, test procedures and reporting requirements.
  • Understand the differences between SAQs (self-assessment questionnaires) and their usage.
  • Gain insight into a QSA auditor’s perspective on scoping and reduction, gap analysis, remediation and auditing issues.
  • Take part in interactive sessions that will allow attendees to ask questions relating to their own organization and cardholder environment.
  • Gain an expert view on how to create a compensating control and what situations may or may not be appropriate for such controls.
  • Understand the effects of new technology on PCI DSS compliance

Educational approach

  • This training is based on both theory and best practices used in PCI-DSS QSA audits
  • Lecture sessions are illustrated with examples based on case studies
  • Practical exercises are based on a case study which includes role playing and discussions

Prerequisites

  • Knowledge of IT systems would be advantageous but not essential.
  • An understanding of the general principles of information technology security would be useful, but again, not essential.
  • Awareness of the issues involved with implementing security controls.

This course is designed to introduce the PCI DSS family of standards, and then take a deep dive into the 12 Requirements and each control.

  • The purpose of the PCI DSS and the requirement for protection of cardholder data.
  • PCI DSS objectives and intent.
  • Related PCI standards and programmes.
  • Understand how PCI DSS compliance is enforced by the payment brands.
  • Compliance needs for merchants and service providers. Explanation of the different levels.
  • Understand how compliance to the standard must be reported by merchants and service providers.
  • Detailed understanding of the 12 standard requirements.
  • Technical Implementation of the requirements.
  • Assessment / Maintaining compliance.
  • Additional considerations for: call centers, encryption, software development, mobile payments, skimming
  • Candidates will be assessed through an objective-based online examination at the end of the course.
  • Exam duration is 40 minutes.
  • The minimum passing criterion is 80% or above.
  • Candidates who score 80% or above in the examination will be issued Cybernetic Global Intelligence’s “Certified PCI-DSS implementer Expert” certificate.
  • Unsuccessful candidates will be issued a certificate of attendance.

Register

For more information or to register for this training course, call 1300 292 376 or register on our website.

Additional Information

Training Days: 1.5

Exam Duration: 40 mins

Retake Exam: Yes