The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard for organizations that handle branded credit cards from the major card schemes.
The PCI Standard is mandated by the card brands but administered by the Payment Card Industry Security Standards Council. The standard was created to increase controls around cardholder data to reduce credit card fraud.
Compliance validation is normally performed annually, or it can be performed on a quarterly basis. A Qualified Security Assessor is able to define the processes involved in payment card processing, understand the PCI DSS requirements and testing procedures, conduct PCI DSS assessments, validate compliance, and generate reports.
The intent of this course is to provide some extra exam questions you may not have encountered that relate to the new PCI DSS standard version 4.0 qualification exam and some of the new requirements. Areas include scoping, segmentation, and assessing people, processes and technologies. In addition, the questions will be geared toward the changes related to the Report on Compliance (ROC) template and how the assessor will need to record observations and results. These include general changes as well as changes to specific sections. There will also be information related to the new Merchant Assessment Forms for E-Commerce. Exam questions also cover differences between assessing the new Defined Approach and Customized Approach procedures.
If you have questions or suggestions for improvements, please don't hesitate to contact me and please leave a review!