Retail Technology
| Log in | Subscribe
Subscribe | Log in
Retail Technology
Subscribe

New training and certification program to help companies build internal PCI expertise and strengthen approach to payment data security

New training and certification program to help companies build internal PCI expertise and strengthen approach to payment data security

 

The Payment Card Industry Security Standards Council (PCI SSC) has announced the launch of its Internal Security Assessor Programme (ISA), offering PCI DSS training and certification for internal assessment staff at entities such as merchants, acquiring banks and processors.

 

The PCI SSC is a global, open industry standards body providing management of the Payment Card Industry Data Security Standard (PCI DSS), PIN Transaction Security (PTS) Security Requirements and the Payment Application Data Security Standard (PA-DSS).

 

The three-day course is designed to test and qualify in-house security personnel on how to validate and maintain ongoing PCI compliance within their organisations.

 

Providing consistent training standard

 

The council said the first session will take place on from 19 to 21 May in Sydney, Australia and will provide attendees with in-depth technical instruction for enhancing the quality, reliability and consistency of an organisation’s internal PCI DSS self-assessments, supporting the consistent and proper application of PCI DSS measures and controls and effectively facilitating external relationships with PCI SSC certified Qualified Security Assessors.

 

The course will be led by PCI Security Standards Council experts including Tim Hartzell, the lead PCI SSC standards trainer, who has more than 25 years of experience in the technology sector and training members of the payments community.

 

The development of the ISA programme is a direct response to Participating Organisation feedback on the need to improve educational opportunities for internal staff. When combined with the Standards and QSA training offerings, the ISA programme has been designed to strengthen the council’s commitment to providing educational opportunities for all stakeholders across the payment ecosystem to increase payment security.

 

Taking account of people and process

 

“People and processes continue to be integral in developing a strong security strategy and meeting PCI requirements,” said Bob Russo, PCI Security Standards Council general manager. “With this new training offering, organizations have the chance to develop their own in-house PCI compliance experts, and with the many other tools and resources provided by the Council, can implement a stronger ongoing security process to better protect cardholder data.”

 

This ISA training session will be available in multiple locations throughout 2010, including at the council’s forthcoming Community Meetings in Orlando and Barcelona. As registration opens, details will be made available on the council’s website.

 

ISA certifications are renewable annually, and are valid while the certified ISA individual remains at an ISA validated company that has sponsored their attendance at the training. ISA training attendees must be full-time employees of an ISA company.