PCI DSS mandates that staff are periodically trained in a number of different areas:
- Security awareness training of staff who deal with cardholder data or who could impact the security of cardholder data (Requirement 12.6)
- Training of front-line retail staff operating Point-of-Sale devices (Requirement 9.9)
- Incident response training (Requirement 12.10)
- Secure software development and coding techniques (Requirement 6.5)
One Compliance offers training services covering general security awareness and for front-line retail staff as follows:
- Executive-level PCI DSS overview training. This ensures that senior staff have an appropriate understanding of PCI DSS, and the obligations of the business to protect cardholder data
- Technical PCI DSS training for staff who can directly impact the security of cardholder data. This goes into much more detail of PCI DSS and includes a scoping workshop with scenarios.
- Front-line retail and call centre staff training. This training is not delivered directly, but as a video which can be hosted in your intranet. Separate modules are required for retail and call centre staff as they operate in very different environments. These short courses are generally less than 15-minutes in length, and address the applicable PCI DSS controls and any other relevant requirements which you may wish to add into the course material.
Please Contact us to discuss your training needs.