This two days’ workshop is designed to provide delegates with the practical knowledge required to complete the new PCI DSS v3 Self-Assessment Questionnaires (SAQs) and ensure full compliance to the PCI DSS v3 standard.
Understand the new PCI SAQs and achieve compliance to PCI DSS v3.0
The Payment Card Industry Data Security Standard (PCI DSS) Version 3 was published in November 2013 and requires the majority of service providers and merchants to complete a Self-Assessment Questionnaire (SAQ).
The new version of the standard has introduced both new SAQ eligibility criteria and new and more complex SAQ documents. Merchants who previously completed SAQ A which only had 13 questions may now have to complete the new SAQ-EP which has 139 questions! Larger merchants with multiple payment systems will be required to submit more than 1 type of SAQ and satisfy additional requirements such as penetration testing.
PCI DSS v3 effective from 1 Jan 2015
The new PCI DSS v3 SAQ documents and requirements will come into effect from 1 Jan 2015. All organisations worldwide will be required to use and complete them in order to maintain their annual compliance to the PCI DSS standard. The PCI DSS v3 SAQ Workshop is a two days’ practical session designed to help merchants and service providers fulfil the requirements of the SAQ process with confidence and ease.
Who should attend the course?
Managers who are responsible for ensuring that their organisation maintains full compliance to the PCI DSS standard.
Course contents
Presented by a PCI QSA (Qualified Security Assessor), the workshop is based on a ‘real-life’ case study of a PCI merchant company which needs to ensure PCI DSS compliance across a number of different payment platforms.
- Overview of the additional compliance requirements of PCI DSS v3
- Introduction to the different types of SAQs
- Details of the new SAQ Validation Types which include A-EP, B-IP, and D-SP
- Applicability of SAQ Types to payment processing scenarios:
- E-commerce
- Face To Face
- Mail or Telephone Order (MOTO)
- Q & A to receive specific advice to help your organisation
Entry Requirements
While there are no formal entry requirements, this course has been designed to meet the needs of delegates who already have a working knowledge of PCI DSS and are responsible for ensuring their organisation maintains its compliance to the standard.