PCI DSS Workshop - ESP-P-016
- Track: Technical, Management.
- Level: Practitioner level - Those who must incorporate security conscious practices into their daily processes
- Introduction
The purpose of this workshop is to provide clients with independent and expert advice and guidance surrounding information security compliance with a particular emphasis on their PCI DSS requirements. Espion is a certified Qualified Security Assessor (QSA).
- Outline
- Introductions – Company, Participant and PCI DSS
- Brainstorm – What's definitely in scope and what can be excluded
- Evaluation – Explore suitability of suggested solutions
- Wrap-Up – Discuss what is a good next step
- Report – Obtain written record of workshop findings
- This course is suitable for
Anyone involved in implementing PCI within an organisation
- Course duration
- 0.5 day
- Course dates
Client Premises
- Content
Unit 1: Introduction (Approx 1.75 hrs)
- a. Introduce all parties / confirm agenda for the session
- b. Determine the organisation's PCI compliance requirement
- c. Introduction to PCI DSS & “PCI Scope”
- d. Discuss mapping of payment card data flow for each business scenario. Ideally the appropriate person from the client organisation should introduce this. (1 hr)
Unit 2: Brainstorm Phase (Approx 1 hr)
- a. Determine items that cannot be ruled out of scope
- b. Consider solutions that can rule items out of scope or reduce scope
Unit 3: Evaluation Phase (Approx 1 hr)
- a. Evaluate appropriateness of solutions from Brainstorm Phase
- b. Agree and document potential solutions
- c. Agree additional information (if necessary)
Unit 4: Wrap-Up Phase (Approx 0.25 hr)
- a. Agree next steps
Unit 5: Reporting (Post Workshop Deliverable)
- a. Upon workshop completion, relevant findings will be provided promptly in a written report to appropriate stakeholders where required.
- b. Presentation of Results to appropriate stakeholders where required (Optional)
