The Payment Card Industry (PCI) Data Security Standard (DSS) affects every organization that stores, processes, or transmits credit or debit cards. In this course, you'll learn about the standard and how it is used in card scheme compliance programs.
In an organization that touches payment cards, the information security agenda includes compliance with the Payment Card Industry (PCI) Data Security Standard (DSS). In this course, PCI DSS - The Big Picture, you'll learn the basic requirements of PCI DSS, the language it uses, and how the standard is structured. More importantly, you'll learn how the standard is used in compliance programs and how you'll be expected to validate your compliance. You'll also learn what to do when you can't comply with the standard and discover ten of the most common PCI DSS myths that can lead to expensive mistakes. When you've finished this course, you'll know enough PCI DSS to work in environments where PCI DSS compliance is a requirement.
John Elliott helps organizations balance risk and regulation with business needs. He is a specialist in payments (John contributed to the development of many PCI standards, including DSS), privacy and a cyber security. A passionate and innovative communicator, he presents frequently at conferences, online and in boardrooms.
Hi everyone, my name is John Elliott and welcome to my course, PCI DSS the big picture. I’ve been working in payment security for about eight years. In that time I’ve been PCI Qualified Security Assessor, worked for large merchants and spent some time as Visa Europe’s representative on the Payment Card Industry Security Standards Council -which means I had the pleasure of contributing to many of the PCI standards including the standard that’s at the heart of this course, the Payment Card Industry Data Security Standard or PCI DSS.
We’re going to cover two major topics. Firstly we’re going to look at the standard itself and take a quick look at each of the twelve PCI DSS requirements. For each requirement, we’ll discover the key sub requirements and the system components affected by each requirement.
Secondly you’ll learn about the compliance programs mandated by the card schemes who established the PCI Security Standards Council, and how PCI DSS is used in their programs. You’ll learn about the compliance documents, RoCs and SAQs and the various types of PCI roles - QSAs, ISAs and PCIPs who all can help on a compliance journey.
Finally you’ll discover ten of the most common PCI DSS myths that could jeopardise your journey to compliance. By the end of this course you will understand the fundamentals of PCI DSS, there are no prerequisites and you’ll also have 25% of the information you need to pass the PCI Professional Exam.
I hope you’ll join me on this journey to discover the essentials of PCI DSS in this “PCI DSS: The Big Picture” course, here at Pluralsight.