CPSP (Certified Payment Security Practitioner) – Internationally Recognized Certification Training for PCI DSS Implementation.
The CPSP training is the flagship PCI DSS workshop of Network Intelligence, designed to impart knowledge of industry best practices to security professionals. It provides hands-on experience in understanding the 12 requirements and controls of PCI DSS and how these requirements are applicable, proposed and implemented while working from home. We have trained and certified over 1000 professionals across the globe through CPSP training and hosted approx. 150 participants during our recent trainings.
Developing security awareness is a main concern of this course, as the training will help in improving security, reducing the risk of data loss, and simplifying meeting PCI requirements. The CPSP training will be held over 4 days, 4 hours each; the workshop module is 16 hours, which includes 15 hours of training sessions followed by a 1-hour online examination. Below is the course outline of the training for your reference.
Objective of the program:
- Building a framework for securing payment card data
- Ensuring security and not just compliance, taking a risk-based approach to implementing security controls
- Winning end customer trust
- Going beyond the traditional checklist-based approach for security
- Complying with all the security controls in the remote assessment model
Table of Content:
- Basics of Payment Ecosystem: Card Data
- Payment Transaction flow: Issuing and Acquiring
- Stages of Payment Processing: Authentication, Authorization, Clearing, Settlement, Chargeback, Refund etc.
- Various Payment Channels: ATM, POS, Ecom, Mobile App, MOTO, NFC or Contactless
- What is PCI DSS?
- Who is PCI SSC?
- Responsibilities of various entities: PCI SSC, PCI QSAs, PCI ASVs etc.
- PCI DSS Compliance Mandate and applicability of PCI DSS
- Levels of Service Provider and Merchants
- Various SAQs and Applicability
- Approach for PCI DSS Implementation and Certification: “The Phased Approach”
- PCI DSS and Card Data Storage Mandate: A Glimpse
- Overview PCI DSS v3.2.1: 6 objectives and 12 Requirements
- Overview of PA-DSS
- Overview of PCI PTS
- Overview of PCI P2PE
- Integration Model for Various PCI standards
- PCI DSS Scoping and Network Segmentation
- PCI Perspective on architecture, Good and Bad: In-house Architecture, Third-party Cloud Architecture, Virtualization
- Scoping vs Sampling: What is what?
- PCI DSS Risk Assessment Methodology and Approach
- PCI DSS and ISO 27001: A Comparison
- Implementing PCI DSS Requirements: Detailed discussion on each requirement and sub requirement of PCI DSS v3.2.1
- QSA Perspective for each PCI DSS requirement and Best Practices
- PCI DSS Using Open Source tools: Suggestion on available tools to meet PCI DSS
- Appendix A1 and A2
- Designated entities supplemental validation
- Compensating Controls
- Impact of COVID-19 on PCI DSS on-site QSA assessment
- Remote Assessment: The way forward for PCI Compliance
- Moving your payment infrastructure to remote model
- Network Intelligence: Remote Assessment methodology
- Annual PCI DSS Compliance management: The PCI DSS Calendar
- An approach to handle suspected card data breach
- PCI DSS resources and knowledge library
- What to look for in a PCI QSAC
Terms & Conditions:
- Fees, speakers and date are subject to change.
- Any cancellations received within the last ten calendar days would be liable for 50% of the course fees. Cancellations must be received in writing at least one week prior to course commencement. No-shows would be fully charged.
- Registered attendees who are unable to attend the above course can send replacements subject to one week’s notification. * Membership fee applies.
We are committed to respecting your privacy and we recognize the importance of protecting the information collected about you. All of the personal information that you have submitted during registration shall only be processed in relation to your attendance at this event (i.e., processing of payments, issuance of certificate, sending of any announcements, future events and activities). All the information that you have provided in relation to this event shall be protected with reasonable and appropriate measures, and shall only be retained as long as necessary for its processing.