Entities that store, transmit or process cardholder data face ever-increasing security requirements. The stakes are even higher since the publication of the European General Data Protection Regulation (GDPR). To fight the risk of fraud, the PCI Council develops and maintains standards to protect cardholder data.
This one-day express training course explains all the changes introduced by PCI DSS v4.0 so that you can best prepare your organization for the changes it requires.
Distance learning training
Overview
- The PCI DSS standard in brief
- Presentation of the changes in the PCI DSS standard from v3.2.1 to v4.0
- Understanding the impact on your organization
- Prepare to lead the necessary changes
Course Curriculum
Understanding the changes in v4.0
- Reminder of what PCI DSS is
- Reminder of the different versions of the PCI DSS standard
- Why a new version of the standard? What are the major challenges?
- Key dates to remember in the life cycle of the v3.2.1 and v4.0 standards
- Presentation of the nature of the changes made
- Presentation of the changes in the PCI DSS standard
- “Defined Approach” vs. “Customized Approach”
- Immediate mandatory requirements for v4.0 audits
- Requirements that become mandatory at a later date (best practices before 03/31/2025)
- What about compensating controls in v4.0?
- What about SAQs in v4.0?
Preparing for change
- Understanding the impact on your organization
- New requirements applicable to all entities
- New requirements applicable only to service providers
- Preparing for change in my organization
- Requirements with a technical impact
- Requirements with an organizational impact
- Requirements with a contractual impact
- Requirements impacting your staff
- Using the Customized Approach Well
- The risks associated with this approach
- The obligations related to this approach
- Almond’s recommendations for using this approach
Learning
Assessment
- Validate your knowledge in a fun way through case studies and quizzes
The +
- This training alternates between theory and practice.
- A 1-day express format.
- Benefit from the rich experience of our QSA trainers
Who should attend?
- Directors, CISOs, Chief Information Officers, Financial Directors, Buyers, Lawyers, Human Resources Directors…
- PCI DSS Project Managers, Security Correspondents, Auditors, Technical Architects, Production Operators…
Prerequisites
- Organization already in either the RUN or BUILD phase of PCI DSS v3.2.1
- Organization in the process of certification to the v3.2.1 standard
How and when to access
The participant is considered registered when:
- The prerequisites and needs are identified and validated
- The training agreement is signed
Registration requests can be sent up to 5 working days before the start of the training.
Accessibility
Whether or not you are recognized as having a disability, making our training accessible to everyone is part of our commitment. If you need accommodation or adaptation of the content, the materials, the venue, the equipment used, the schedule or the pace, we are at your disposal.
Duration
1 day (7 h)
Price
€1000 excl. tax
+ OPCO support