PCI DSS: Achieving and Maintaining Compliance
Achieving PCI DSS compliance can be hard and frustrating. This course provides practical advice for every stage of the compliance journey from working out what compliance means for you, scoping, assessment, and importantly how to stay compliant.
What you'll learn
It's time to bring together the theoretical knowledge of becoming PCI DSS compliant, and the practical knowledge of how the standard really works! In this course, PCI DSS: Achieving and Maintaining Compliance, you’ll gain the ability to take an organization on a PCI DSS compliance journey and understand the challenges in maintaining PCI DSS compliance. First, you’ll learn about who may ask you to comply with PCI DSS and the different ways that you can demonstrate your compliance. Next you’ll explore how to determine what people, processes and technology that the PCI DSS requirements will apply to, and the ways to minimize these. Then, you'll discover what a Qualified Security Assessor (QSA) will do when they assess your compliance with the standard, and what you can do when your organization cannot comply with certain requirements. Finally, you’ll learn how to prevent control decay, scheduled tasks, and change from destroying your hard-won PCI DSS compliance. When you’ve finished with this course you'll have the skills and knowledge to pilot an organization through a successful PCI DSS compliance journey, and then maintain PCI DSS compliance year after year.
Table of contents
- Scoping and the Cardholder Data Environment 8m
- Culture, Security, Compliance, and PCI DSS 2m
- Techniques to Reduce the Scope of the CDE 4m
- Removing Cardholder Data to Reduce PCI DSS Scope 6m
- Outsourcing to Reduce PCI DSS Scope 2m
- Changing Business Processes to Reduce PCI DSS Scope 3m
- The Hard Work in a PCI DSS Compliance Program 5m
- Scoping Tips for Very Large Organizations 3m
- Good and Bad PCI DSS Scope Reduction 3m