Course info
May 10, 2017
1h 23m

In an organization that touches payment cards, the information security agenda includes compliance with the Payment Card Industry (PCI) Data Security Standard (DSS). In this course, PCI DSS - The Big Picture, you'll learn the basic requirements of PCI DSS, the language it uses, and how the standard is structured. More importantly, you'll learn how the standard is used in compliance programs and how you'll be expected to validate your compliance. You'll also learn what to do when you can't comply with the standard and discover ten of the most common PCI DSS myths that can lead to expensive mistakes. When you've finished this course, you'll know enough PCI DSS to work in environments where PCI DSS compliance is a requirement.

About the author
About the author

John Elliott is a data protection specialist. He helps organizations comply with regulations in a sensible and pragmatic way, balancing business needs, risk and regulations.

More from the author
GDPR: The Big Picture
3h 7m
31 May 2018

Hi everyone, my name is John Elliott and welcome to my course, PCI DSS the big picture. I’ve been working in payment security for about eight years. In that time I’ve been PCI Qualified Security Assessor, worked for large merchants and spent some time as Visa Europe’s representative on the Payment Card Industry Security Standards Council -which means I had the pleasure of contributing to many of the PCI standards including the standard that’s at the heart of this course, the Payment Card Industry Data Security Standard or PCI DSS.

We’re going to cover two major topics. Firstly we’re going to look at the standard itself and take a quick look at each of the twelve PCI DSS requirements. For each requirement, we’ll discover the key sub requirements and the system components affected by each requirement.

Secondly you’ll learn about the compliance programs mandated by the card schemes who established the PCI Security Standards Council, and how PCI DSS is used in their programs. You’ll learn about the compliance documents, RoCs and SAQs and the various types of PCI roles - QSAs, ISAs and PCIPs who all can help on a compliance journey.

Finally you’ll discover ten of the most common PCI DSS myths that could jeopardise your journey to compliance. By the end of this course you will understand the fundamentals of PCI DSS, there are no prerequisites and you’ll also have 25% of the information you need to pass the PCI Professional Exam.

I hope you’ll join me on this journey to discover the essentials of PCI DSS in this “PCI DSS: The Big Picture” course, here at Pluralsight.