PCI DSS Lead Implementer Training Course. Virtuel in English. ISO 17024

Train with the experts and gain the skills to lead and manage a PCI DSS (Payment Card Industry Data Security Standard) v4.0 implementation project.

• Industry-leading course developed by our team of PCI QSAs (Qualified Security Assessors).
• Learn from anywhere with our Live Online course that allows you to study your way, keeping travel and costs to a minimum. 
• Successful completion of this three-day course and included exam awards the PCI DSS Lead Implementer (PCI DSS LI) qualification and 21 CPD/CPE points.
  

Training course outline

Version 4.0.1 of the PCI DSS was published in June 2024. to meet the evolving cyber security needs of the payments industry, promote security as a continuous process and enable organisations to use different methods to achieve their security objectives.

The PCI DSS Lead Implementer Training Course delivers the knowledge and skills needed to implement the technical and business controls required to meet the 12 requirements of PCI DSS v4.0.1.

By taking this course, you will:

• Get an understanding of the principles and application of PCI DSS scoping;
• Gain in-depth knowledge of the 12 PCI DSS requirements;
• Acquire the skills to apply the requirements to your organisation;
• Find out how to create a PCI DSS implementation readiness programme for SAQ (self-assessment questionnaire) or external audit; and
• Receive practical advice from an experienced PCI DSS consultant.

Understand and implement the technical and business controls needed to meet the 12 requirements of PCI DSS v4.0.

Taught by a PCI DSS consultant with extensive experience of helping organisations of all sizes achieve PCI DSS compliance.

Designed by QSAs with an auditor’s perspective on PCI DSS scoping, scope reduction, gap analysis and remediation.

Day 1

• Applying PCI DSS scoping techniques to a given environment.
• Defining and identifying the relationship between each of the 12 PCI DSS requirements and an organisation.
• Installing and maintaining network security controls.
• How to apply secure configurations to all system components using tools and sites.
• Methods of storing cardholder data and assurance to confirm data locations.
• Methods of encryption and cryptography for the transmission of cardholder data across open, public networks.
• Selecting antivirus solutions for traditional and organisational settings.

Day 2

• The OWASP (Open Web Application Security Project) Top 10 and identifying updates to the risk register.
• Managing access to cardholder data by users with different job roles.
• Identifying user accounts and implementing MFA (multifactor authentication) where required.
• Constructing a merchant premises that restricts physical access and includes locks, RFID, CCTV, PED storage and PED checks.
• Analysing and reviewing logs in the event viewer to identify access to network resources.
• Determining appropriate testing methods such as penetration testing, vulnerability scanning, ASV scanning and segmentation testing.

Day 3

• How to maintain an information security policy for all users.
• Understanding the option of using a customised approach.
• How to carry out a risk analysis.
• PCI DSS implementation readiness preparation and exercise.
• Summary and exam preparation.

What’s included in this course?

• Full course materials (digital copy provided as a PDF file).
• The PCI DSS Lead Implementer exam.
• A certificate of attendance.

What equipment do I need?

You will need a laptop and webcam for the duration of your course and exam.

Course duration and times

Day 1: 9:30 am – 5:00 pm
Day 2: 9:30 am – 5:00 pm
Day 3: 9:30 am – 5:00 pm

Are there any prerequisites for this course?

There are no formal entry requirements for this course. We will, however, assume that participants have a foundational knowledge of PCI DSS v4.0 along with the technical vocabulary to understand systems, technology and processes described by the Standard. We strongly recommend taking the PCI DSS Foundation Training Course before starting this course.

PCI DSS Lead Implementer exam

Candidates take the PCI DSS Lead Implementer (PCI DSS LI) exam set by IBITGQ (International Board for IT Governance Qualifications). There is no extra charge for this exam.

• Delivery method: Online
• Duration: 90 minutes
• Questions: 40
• Format: Multiple choice
• Pass mark: 65%

What qualifications will I receive?

PCI DSS Lead Implementer (PCI DSS LI).

Accreditation

This course holds accreditation from IBITGQ (International Board for IT Governance Qualifications), a renowned authority in personnel certification within the field of IT governance.

As a premier personnel certification body, IBITGQ specialises in certifying individuals who demonstrate exceptional proficiency in IT governance practices.

IBITGQ maintains accreditation to the ISO/IEC 17024:2012 standard, a globally recognised benchmark for conformity assessment. Accreditation by the International Accreditation Service (IAS) further underscores the course's commitment to meeting stringent certification requirements.

ISO 17024 certification is esteemed within the industry and universally acknowledged by employers worldwide. By aligning with this standard, our course ensures that your qualifications are not only recognised but also highly valued by employers across diverse sectors.

Upon successful completion of the course, you have the opportunity to validate your professional expertise by registering your qualification on the esteemed IBITGQ/GASQ successful candidate register. This platform serves as a testament to your commitment to excellence in IT governance, setting you apart as a distinguished professional in the field.

How will I receive my exam results and certificates?

• Provisional exam results will be available immediately on completion of the exam. Confirmed exam results will be issued within ten working days from the date of the exam.
• Certificates for those who have achieved a passing grade will be issued within ten working days from the date of the exam.
• Results notifications and certificates are sent directly to candidates by the relevant exam board in electronic format; please note that hard copy exam certificates are not issued.

Do I need proof of identity to take the exam?

Delegates must bring a form of photographic ID with them as the invigilator my request to check it prior to the exam.

Can exams be retaken?

Yes, you can retake the exam at an extra cost if you are unsuccessful on the first attempt

Subject to change after publishing