PCI-DSS Foundation Certification Training
 in Albuquerque, NM

PCI-DSS Foundation Certification Training in Albuquerque, NM

Ratings: 222 Votes | Learners: 12564

Classroom Training in Albuquerque, NM, United States Change City

Select a batch of your convenience
PCI-DSS Foundation Certification Training in Albuquerque, NM, united-states
Rated 3.9/5 based on 222 votes 12564
USD 799
PCI-DSS Foundation Certification Training in Albuquerque, NM, united-states
Rated 3.9/5 based on 222 votes 12564
USD 649
PCI-DSS Foundation Certification Training in Albuquerque, NM, united-states
Rated 3.9/5 based on 222 votes 12564
USD 649
PCI-DSS Foundation Certification Training in Albuquerque, NM, united-states
Rated 3.9/5 based on 222 votes 12564
USD 649
PCI-DSS Foundation Certification Training in Albuquerque, NM, united-states
Rated 3.9/5 based on 222 votes 12564
USD 649
PCI-DSS Foundation Certification Training in Albuquerque, NM, united-states
Rated 3.9/5 based on 222 votes 12564
USD 649
PCI-DSS Foundation Certification Training in Albuquerque, NM, united-states
Rated 3.9/5 based on 222 votes 12564
USD 649
PCI-DSS Foundation Certification Training in Albuquerque, NM, united-states
Rated 3.9/5 based on 222 votes 12564
USD 649
PCI-DSS Foundation Certification Training in Albuquerque, NM, united-states
Rated 3.9/5 based on 222 votes 12564
USD 649
PCI-DSS Foundation Certification Training in Albuquerque, NM, united-states
Rated 3.9/5 based on 222 votes 12564
USD 649
PCI-DSS Foundation Certification Training in Albuquerque, NM, united-states
Rated 3.9/5 based on 222 votes 12564
USD 649
PCI-DSS Foundation Certification Training in Albuquerque, NM, united-states
Rated 3.9/5 based on 222 votes 12564
USD 649
PCI-DSS Foundation Certification Training in Albuquerque, NM, united-states
Rated 3.9/5 based on 222 votes 12564
USD 649
PCI-DSS Foundation Certification Training in Albuquerque, NM, united-states
Rated 3.9/5 based on 222 votes 12564
USD 649
PCI-DSS Foundation Certification Training in Albuquerque, NM, united-states
Rated 3.9/5 based on 222 votes 12564
USD 649
PCI-DSS Foundation Certification Training in Albuquerque, NM, united-states
Rated 3.9/5 based on 222 votes 12564
USD 649
Please contact us at support@graspskills.com
Please contact us at support@graspskills.com

Graspskills is conducting 2-days full-time instructor-led Live Online PCI-DSS certification training course in Albuquerque, NM, United States. Enroll Now! for this PCI-DSS exam prep certification training course in Albuquerque, NM, United States and accelerate the scope of your career as a certified project management professional.

Our 2-days PCI-DSS live online training class in Albuquerque, NM, United States, is conducted by an expert instructor with real-life training and consulting experience. Our PCI-DSS certification training course content includes 5 full-length PCI-DSS examination prep mock tests with answers and explanation for each question.

Our PCI-DSS certification training course created by leading subject matter experts and delivered by experienced trainers, along with 5 full-length PCI-DSS sample tests and complimentary e-learning course included with live online training will prepare you to take the PCI-DSS certification exam with confidence.

Enroll Now! for our PCI-DSS exam prep certification training course in Albuquerque, NM, United States and expand the scope of your project management career. Join our PCI-DSS certification training course and obtain 35 contact hours certificate, which is mandatory for applying for the PCI-DSS examination.

For more information about our upcoming PCI-DSS exam prep certification training courses, please contact us on {Phone} or support@graspskills.com or fill-in the form provided on this page. Our training consultant will contact you with more information on our PCI-DSS certification training courses in Albuquerque, NM, United States.

We also provide PCI-DSS certification classroom training courses in Albuquerque, NM, United States, apart from PCI-DSS instructor-led live online training courses.

This Course is suitable for those who must deal with PCI compliance. It includes Audit Manager, Business Analyst, Compliance Officer, Credit Analyst, Finance Manager, IT Manager, IT Specialist, Project/Program Manager, Risk Management Analyst, Security Analyst, Senior Developer, Software Engineer, System Administrator and Web Master.

Part 1: PCI Fundamentals

Part 2: PCI-DSS Requirements

Part 3: Evaluation of PCI-DSS versions

Part 4: PCI-DSS Requirements and Security Assessment Procedures v3.1

Part 5: Summary of Changes from PCI-DSS v3.0 to v3.1

Part 6: PCI-DSS Quick Reference Guide

Part 7: PCI-DSS and PA-DSS Glossary of Terms, Abbreviations and Acronyms

Part 8: PCI Templates

Part 9: PCI Security Standards Council Prioritized Approach Tool

  • Basic knowledge of the Payment Card Industry Data Security Standard (PCI DSS)
  • Learn the challenges surrounding payment card security
  • Understand what the PCI Standards do to mitigate these issues.
  • Get tools to build a secure payments environment

Why should I choose Graspskills for PCI-DSS Certification Training Course in Albuquerque, NM, United States?

Graspskills’ PCI-DSS certification training course in Albuquerque, NM, United States, is delivered by industry professionals. This comprehensive training course outline defined by Lean Kanban University includes hard copy and soft copy of the courseware, and 16 PDUs towards continuing certification requirement.

What is PCI-DSS?

PCI Stands for Payment Card Industry, it is the shorted acronym of PCI DSS (Data Security Standard) which is the industry standard that all merchants and service providers that take or process credit and debit cards must comply with.  There are many industry requirements that must be followed in order to protect customers credit card information.
The Payment Card Industry Data Security Standard (PCI DSS) is a set of industry standards designed to protect payment card data. Intended to create an additional level of protection for consumers and reduce the risk of data breaches involving personal cardholder data, the standards are comprised of 12 broad requirements and collectively, more than 200 line item requirements. The 12 broad requirements can be grouped into six key areas: building and maintaining a secure network; protecting cardholder data; maintaining a vulnerability management program; implementing strong access control measures; regularly monitor and testing networks; and maintaining an information security policy.
Any organization that transmits, stores or processes primary account numbers (PAN) is required to comply with the PCI DSS.  In addition, where other cardholder data is stored, processed or transmitted with PAN it must also be protected.  Cardholder data includes Primary Account Numbers (PAN), Cardholder name, Expiration Date and Service Codes.  Another type of data, known as Sensitive Authentication Data (SAD), is also covered by PCI DSS, but generally the storage of SAD is prohibited. Compliance with the DSS requirements is mandatory, regardless of the size of the merchant or the number of card transactions they process each year.  You may be required to complete PCI reporting documentation even if outsourcing your payment card processing to a third party. 

What is the role of the PCI Security Standards Council?

  • The PCI Security Standards Council is an open global forum that is responsible for the development, management, education, and awareness of the PCI Data Security Standard (PCI DSS) and other standards that increase payment data security. Founded in 2006 by the major payment card brands American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc., the Council has more than 600 participating organizations that represent merchants, banks, processors and vendors worldwide. It is responsible for the development, management, education, and awareness of the PCI Security Standards, including the Data Security Standard (PCI DSS), Payment Application Data Security Standard (PA-DSS), and PIN Transaction Security (PTS) requirements.
  • Enforcement of compliance with the PCI standards and determination of non-compliance penalties are carried out by the individual payment card brands. 

What is a Qualified Security Assessor (QSA)?

QSA is the designation given to employees of a company/consulting firm that are authorized by the PCI Council to attest that merchants and service providers are PCI compliant.  (You are required to have gone through training and pass a test provided by the PCI Council)

What is PCI Certification?

PCI Certification –  PCI Certification is a term most used by merchants and service providers to claim they are meeting the PCI DSS requirements.  A merchant or service provider only officially states their compliance for a point in time, there is no assurance that their compliance is valid the rest of the year.

Where can I find the list of PCI DSS requirements?

For more information on the PCI DSS requirements and updates, visit the PCI Council website. This website has useful information about the PCI Security Standards Council, the complete PCI DSS requirements for merchants, vendors and security consulting companies, and the Council's certification and merchant support services. It also has regular updates on changes to the PCI requirements and upcoming PCI Council events.

Are there any benefits to PCI DSS compliance?

By properly implementing the PCI DSS and achieving and maintaining compliance, merchants can improve their overall security posture and avoid costly fines and data breaches.  They can be better prepared to prevent and detect a host of attacks against their information assets, both at the network and physical level. PCI compliance can improve operational efficiency by ensuring that policies are defined, and procedures are documented so that employees know what they should be doing and how to do it. Controls, policies and procedures developed for PCI can be rolled out across the organization to spread the security benefits and reap the greatest return on investment from a PCI compliance project. While compliance does not equal security, the PCI standards can serve as a starting point and framework for organizations that wish to create a more secure environment and better protect their customers.

What kinds of organizations may be impacted by PCI DSS compliance standards?

Any organization that transmits, processes or stores payment card data - debit and credit cards included - must comply with the PCI standards. This includes financial institutions, such as banks, insurance companies, lending agencies and brokerage firms. It also includes all kinds of merchants, from medical and dental offices to pharmacies, hospitals, schools and universities, clothing stores, government agencies, cafes, restaurants, and ecommerce companies. It even affects individuals that accept payment cards for purchases, such as those at a farmer's market, food truck or crafts fair.

It also includes service providers such as transaction processors, payment gateways, customer call centers, web hosting providers and data centers, among others.

In addition to the requirements laid out in the PCI Data Security Standard (PCI DSS), the PCI Council has created programs specifically for software developers as well as hardware and device manufacturers, including the Payment Application Data Security Standard (PA-DSS) and the PIN Transaction Security (PTS) program.

What are the PCI DSS compliance validation requirements for different merchant levels?

In addition to meeting the security requirements of PCI DSS, merchants and service providers must also validate their compliance each year, as outlined in the table below. All merchants and service providers, regardless of where they are based, must submit a passing vulnerability scan performed by an Approved Scanning Vendor (ASV) regardless of their size or the number of credit card transactions they process each year.

Level 1 merchants (greater than 6 million transactions per year) and Level 1 service providers (greater than 300,000 transactions per year) must also undergo an annual onsite audit performed by a Qualified Security Assessor (QSA) or by an employee of the company who has gone through the PCI Internal Security Assessment Training Program.

Level 2, 3 and 4 merchants and service providers must complete a PCI Self-Assessment Questionnaire (SAQ) along with an Attestation of Compliance. Once completed, validation results and documented compliance controls must be submitted to the merchant's acquiring bank. It is important to note that requirements may vary depending on the payment card. For example, Level 2 merchants that accept MasterCard must have more rigor than just the SAQ self-assessment that applies to Levels 3 - 4.  MasterCard specifies that as of June 30, 2012, Level 2 merchants that choose to complete an annual SAQ questionnaire must ensure that staff engaged in the self-assessment attend PCI SSC ISA Training, and must pass the associated accreditation program annually in-order to continue the option of self-assessment for compliance validation. Alternatively, Level 2 merchants may, at their own discretion, complete an annual onsite assessment conducted by an approved QSA rather than complete an annual self-assessment questionnaire.

It is also important to note that if a Level 2 - 4 merchant suffers a breach that results in a data compromise, they may be escalated to a Level 1 validation level. [Note: also see Visa's definition of merchant levels, which is largely determined by transaction volume. The MasterCard and American Express definitions of merchant levels are similar to Visa's.]

FAQ

What types of courses are offered by Graspskills?

Graspskills currently offers international premium certification courses in the areas of Information Security, Project Management & IT Service Management.

I want Graspskills to conduct training at our company’s site. Whom should I contact?

Please connect with our support team through corporate@graspskills.com to know more about organizing training at your company’s site across the globe.

What are the deliverables for the courses?

The deliverables are as mentioned below:

  • Training – Classroom / Online/ Live Virtual classroom
  • Exam – Online / Paper based
  • Courseware – E-Books – please visit www.graspskills.com
  • Participation Certificate

Do you provide any group discounts for classroom training programs?

Yes, we have group discount packages for classroom training. Contact support@graspskills.com to know more about group discounts.

How should I make the payment and what are the modes of payment available?

Payments can be made using any of the following options

  • Visa debit/credit card
  • Master Card/American Express/Diners Club card, etc
  • Wire transfer
  • PayPal
Do I get a receipt or confirmation for the payment made?

Receipt will be issued to the candidate by via email.

Does the course fee include the examination fee as well?

Yes, Only few course fees are included and rest of the course are not included.

Are the certification exams papers based or online?

Both actually. It depends on the type of certification. For most courses, both options are available.

Can I take the training now and give exam later point of the time?

Yes. It is up to you when you decide to give your exam. On a softer note, we encourage participant to complete his/her exam within one month of the training.

Do I get a copy of the participation certificate by post or by email?

For all the courses we offer, we provide a digital participation certificate by email. The soft copy of the certificate will be provided by the certification body.

How do I receive my certificates?

Either you can pick up from office by showing ID proof or Certificates are couriered to your address as registered in exam information sheet. It usually takes 7-10 working days to receive hard/soft copy certificates from Examination bodies : PMI, AXELOS, etc

Can I discontinue my training course, In case situation demands?

Yes. If you have a valid reason, as per management discretion, you can take a break and resume your training at later point of time.

Can I cancel my registration? Do I get a refund?

Yes, you can cancel your registration. We will provide you complete refund after deducting the administration fee. To know more please go through our refund policy & student service obligation

Is it possible to conduct training in Client's location, not in the website?

Yes. Please leave a request through request a training link. We will schedule a training based on demand at the requested location and notify you.

What do Infrastructure do I need if I choose online training?

Please refer all required details @ Call Support team

To whom do I contact in case of any query regarding any of the courses?

For any course-related information, please email at enquiry@graspskills.com or connect with us through live chat.

Key Highlights:
  • Accredited Training Provider
  • Accredited Course Material
  • Accredited Exam Centre
  • Accredited e-Learning Training
  • 100% Passing Warranty
E-Learning Access Includes
  • Sample Exams, Recorded Webinars etc.
  • Course Material which covers
  • In-depth Subject Knowledge
  • Assistance after Training also.
  • Our Accredited Trainers/Consultants have vast Knowledge and Experience on Multiple frameworks.
What kind of learning/Training does Graspskills provide?

Graspskills, we offer instructor-led online live sessions and self paced online courses covering various categories.

Who are the trainers at Graspskills?
  • We have pool trainers available with minimum 20 years of industry experience. Our Instructor led live online courses will be handled by industry professionals who are working in leading esteemed organizations and in their respective fields. These experts belong to various industries and are willing to share their experience with learners like you.
  • We have a large cat log of Self paced online courses as well. We have well versed partners with leading instructors, premium learning content houses, universities across the globe
How are classes at Graspskills organized?
  • Live instructor led Online courses are taught by live instructors on a specific day and time and with a set duration. Learners can take these courses through online video streaming from anywhere and users can live discuss with our trainers by speaking and sharing screen. Users can speak by using a microphone/Headphone.
  • Self paced online courses are provided in the form of high quality pre-recorded videos and these courses can be learned at their own pace, on their own time. These courses can be accessed from anywhere in the world.
What is the difference between Class room, pre-recorded video session and instructor-led Virtual online live classes?
  • Class room training will be delivered by our Trainer, physically at our prefixed time and training venue.
  • Pre-recorded sessions are the ones in which there is one-way flow between the trainers and the learners i.e. learners can visible and able listen to the training session, but cannot ask queries/doubts from the instructor. These courses can be accessed from anyplace; all you need is a decent internet connectivity to play videos. You can learn with your own comfortable pace.
  • Instructor-led Virtual online live sessions are the ones in which there is a both ways of communication between the students and trainers. The trainers can easily engage, observe & track their learning progress. The students/participants also have the opportunity to ask any queries through various modes (speaking or emailing) from the esteemed trainer.
But we won't contingent with the 'Extreme' classroom experience!!

We reverent deviate! Our All live Online Classroom training combines the best features of the classroom experience and the convenience of online self-study. Try it and we are confident you will not be downcast.

Can I take my training sessions irrespective of my location?

Yes indeed , you can take the training sessions irrespective of your location. Please make sure you adhere to the course perquisites.

Do you provide any Certification for live instructor led online courses? If yes, what is the Certification process?

In case of live instructor led online training, at the end of the course, the trainer will allot you a real -time project which helps you out to clear understanding of how to implement the real- time application. We will provide you with continuous support and assist you in completing the project work. On successful completion of the real-time project work, it will be reviewed by our trainer and you will be awarded a certificate with grade.

What are the payment modes available with Graspskills?

You can pay through Credit Card, Debit Card or Net Banking from all the leading banks. Our Customer Support Team is there to assist you in case if you are facing any product or payment related issues.

What is the system specifications needed for accessing all Access live Online Class room training?

The system requirements are just basic:

  • You can either purchase it directly from the website. Pick your training classes and a schedule that suits you and go through the purchase process.
  • Operating Systems: Windows any version above XP SP3 & Mac any version above OS X 10.6
  • Internet Speed requirement: Preferably above 512 KBPS
  • Headset/Microphone: Any decent headset and microphone which can be used to talk and listen clearly.
What internet speed is required to attend the online live sessions?

The system requirements are just basic:

  • You need have enough internet speed to access a self paced online course.
  • In case of a live instructor led online course, we recommend at least 1Mbps of internet speed. However, participants can take sessions with even lower internet speed also.
I have enrolled to a live instructor led course. What if I don’t have the specific configuration of hardware that is required to do the programming/coding?

Our Instructor Community Team and Service Support Team will help you set up the environment for programming/coding in the best possible manner. In case the setup does not work, they will give access with controllers by sharing the training screens so that you can do the programming by attending laboratory hours at your convenient time.

In case of live instructor based training, How can a participants/attendees will access the online class in the case of disconnect of the internet? Does the student/participant lose that day's class lecture forever?

Users can go through the class recordings or attend the same class in a different batch taken by a different/same instructor. In no event will you lose a lecture forever. You can always watch the session being taken by your instructor on your user page.

How Graspskills will assist me if I faced any problems while installing the programs?

At Graspskills, we have dedicated technical support team to clarify anything you need. If at all, you need any assistance in installing, the technical Support Team will be there for you. Please note that, this service is available only for those who will opt, live trainer led online training sessions.

How will I do the practical sessions for live instructor led online training session?

Every user will be given daily/weekly assignments, case studies, exercises and quizzes/Puzzles so that the trainer can track and observe their progress. You can also complete practical sessions at your own flow, but majorly instructors will be giving guidance for that.

Is there any project supported with the course?
  • Yes, the trainer will assign you a real-time project work to have a clear understanding of how you are able to implement the real-world application and coding of the course agenda.
  • In case of self based online training, please carefully read the study materials details of your registered course.
Do you also provide any reading/study material?

In addition to the class videos in up loadable format, we will also provide the PPTs, PDFs, and codes related to the topics in the downloadable form.

How long do I have access to course material?

At Graspskills, once you enroll with us for particular training classes, you will get 150 days access to the Graspskills course materials.

Is the course material accessible to the participants/attendees even after the course training completes?

After you log in on the user page, you will be able to see recordings of all training sessions that have happened till date in downloadable format. The other training-related study materials like Power point Presentation, project documents etc. will be there on your user screen page which you can access any time. You can also upload the content and use it for offline services.

Do I get any assistance after completion of my sessions?

Yes of course, our trainers will always be there to resolve your queries/clarifications and take your doubts even after successful completion of the course.

What if I am not able to clear the Certification exam in first attempt?

In case of live instructor led course, after the instructor’s review, if your real time project is not approved, then we will provide you the extra assistance for any clarifications and Graspskills will offer re-attempt it is just free of cost. After the successful completion of the assigned project, you will receive the certificates within specified days.

What is the refund policy?

We are dedicated to provide maximum satisfaction to our Participants/Trainees. If you are not satisfied, you can ask for full refund within 7 working days after your transaction in case if you are registered to a self based course.

What if I require extra assistance?

If you require extra assistance, our 24/7 Customer Support Team is always there for your queries and help.

What if I have more queries/doubts?

Please email us on support@graspskills.com

Why should I choose Graspskills for PCI-DSS Certification Training Course in cityname?

Graspskills’ PCI-DSS certification training course in cityname, is delivered by industry professionals. This comprehensive training course outline defined by Lean Kanban University includes hard copy and soft copy of the courseware, and 16 PDUs towards continuing certification requirement.

What is PCI-DSS?

PCI Stands for Payment Card Industry, it is the shorted acronym of PCI DSS (Data Security Standard) which is the industry standard that all merchants and service providers that take or process credit and debit cards must comply with.  There are many industry requirements that must be followed in order to protect customers credit card information.
The Payment Card Industry Data Security Standard (PCI DSS) is a set of industry standards designed to protect payment card data. Intended to create an additional level of protection for consumers and reduce the risk of data breaches involving personal cardholder data, the standards are comprised of 12 broad requirements and collectively, more than 200 line item requirements. The 12 broad requirements can be grouped into six key areas: building and maintaining a secure network; protecting cardholder data; maintaining a vulnerability management program; implementing strong access control measures; regularly monitor and testing networks; and maintaining an information security policy.
Any organization that transmits, stores or processes primary account numbers (PAN) is required to comply with the PCI DSS.  In addition, where other cardholder data is stored, processed or transmitted with PAN it must also be protected.  Cardholder data includes Primary Account Numbers (PAN), Cardholder name, Expiration Date and Service Codes.  Another type of data, known as Sensitive Authentication Data (SAD), is also covered by PCI DSS, but generally the storage of SAD is prohibited. Compliance with the DSS requirements is mandatory, regardless of the size of the merchant or the number of card transactions they process each year.  You may be required to complete PCI reporting documentation even if outsourcing your payment card processing to a third party. 

What is the role of the PCI Security Standards Council?

  • The PCI Security Standards Council is an open global forum that is responsible for the development, management, education, and awareness of the PCI Data Security Standard (PCI DSS) and other standards that increase payment data security. Founded in 2006 by the major payment card brands American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc., the Council has more than 600 participating organizations that represent merchants, banks, processors and vendors worldwide. It is responsible for the development, management, education, and awareness of the PCI Security Standards, including the Data Security Standard (PCI DSS), Payment Application Data Security Standard (PA-DSS), and PIN Transaction Security (PTS) requirements.
  • Enforcement of compliance with the PCI standards and determination of non-compliance penalties are carried out by the individual payment card brands. 

What is a Qualified Security Assessor (QSA)?

QSA is the designation given to employees of a company/consulting firm that are authorized by the PCI Council to attest that merchants and service providers are PCI compliant.  (You are required to have gone through training and pass a test provided by the PCI Council)

What is PCI Certification?

PCI Certification –  PCI Certification is a term most used by merchants and service providers to claim they are meeting the PCI DSS requirements.  A merchant or service provider only officially states their compliance for a point in time, there is no assurance that their compliance is valid the rest of the year.

Where can I find the list of PCI DSS requirements?

For more information on the PCI DSS requirements and updates, visit the PCI Council website. This website has useful information about the PCI Security Standards Council, the complete PCI DSS requirements for merchants, vendors and security consulting companies, and the Council's certification and merchant support services. It also has regular updates on changes to the PCI requirements and upcoming PCI Council events.

Are there any benefits to PCI DSS compliance?

By properly implementing the PCI DSS and achieving and maintaining compliance, merchants can improve their overall security posture and avoid costly fines and data breaches.  They can be better prepared to prevent and detect a host of attacks against their information assets, both at the network and physical level. PCI compliance can improve operational efficiency by ensuring that policies are defined, and procedures are documented so that employees know what they should be doing and how to do it. Controls, policies and procedures developed for PCI can be rolled out across the organization to spread the security benefits and reap the greatest return on investment from a PCI compliance project. While compliance does not equal security, the PCI standards can serve as a starting point and framework for organizations that wish to create a more secure environment and better protect their customers.

What kinds of organizations may be impacted by PCI DSS compliance standards?

Any organization that transmits, processes or stores payment card data - debit and credit cards included - must comply with the PCI standards. This includes financial institutions, such as banks, insurance companies, lending agencies and brokerage firms. It also includes all kinds of merchants, from medical and dental offices to pharmacies, hospitals, schools and universities, clothing stores, government agencies, cafes, restaurants, and ecommerce companies. It even affects individuals that accept payment cards for purchases, such as those at a farmer's market, food truck or crafts fair.

It also includes service providers such as transaction processors, payment gateways, customer call centers, web hosting providers and data centers, among others.

In addition to the requirements laid out in the PCI Data Security Standard (PCI DSS), the PCI Council has created programs specifically for software developers as well as hardware and device manufacturers, including the Payment Application Data Security Standard (PA-DSS) and the PIN Transaction Security (PTS) program.

What are the PCI DSS compliance validation requirements for different merchant levels?

In addition to meeting the security requirements of PCI DSS, merchants and service providers must also validate their compliance each year, as outlined in the table below. All merchants and service providers, regardless of where they are based, must submit a passing vulnerability scan performed by an Approved Scanning Vendor (ASV) regardless of their size or the number of credit card transactions they process each year.

Level 1 merchants (greater than 6 million transactions per year) and Level 1 service providers (greater than 300,000 transactions per year) must also undergo an annual onsite audit performed by a Qualified Security Assessor (QSA) or by an employee of the company who has gone through the PCI Internal Security Assessment Training Program.

Level 2, 3 and 4 merchants and service providers must complete a PCI Self-Assessment Questionnaire (SAQ) along with an Attestation of Compliance. Once completed, validation results and documented compliance controls must be submitted to the merchant's acquiring bank. It is important to note that requirements may vary depending on the payment card. For example, Level 2 merchants that accept MasterCard must have more rigor than just the SAQ self-assessment that applies to Levels 3 - 4.  MasterCard specifies that as of June 30, 2012, Level 2 merchants that choose to complete an annual SAQ questionnaire must ensure that staff engaged in the self-assessment attend PCI SSC ISA Training, and must pass the associated accreditation program annually in-order to continue the option of self-assessment for compliance validation. Alternatively, Level 2 merchants may, at their own discretion, complete an annual onsite assessment conducted by an approved QSA rather than complete an annual self-assessment questionnaire.

It is also important to note that if a Level 2 - 4 merchant suffers a breach that results in a data compromise, they may be escalated to a Level 1 validation level. [Note: also see Visa's definition of merchant levels, which is largely determined by transaction volume. The MasterCard and American Express definitions of merchant levels are similar to Visa's.]

Request for In-House Training

Our inhouse support team will get back to you soon.

Get a custom Quote »

drop us a query

Customer Reviews

what our customers say about training

Iqbal Ahmed

The overall experience was good, trainer of the course was also very friendly and helpful

Iqbal Ahmed
Project Manager at Saudi Ericsson Communications Co Ltd

Subramanian K

Good Training Experience

Subramanian K
Defiance Technologies Limited (A Hinduja Group Company)

Gaurav Rao

The trainer was excellent for the Workshop

Gaurav Rao
Associate-IT

Amit beria

The trainer is experienced and Good

Amit beria
Project Manager

Ehab Hafez

Very good training I will recommend ot to my colleages

Ehab Hafez
Regional Customer Success Director

Neelam Sharma

Good Training content equipped with practical examples

Neelam Sharma
Senior Manager at Royal Bank of Scotland

Asmahanne Ibrahim

The speaker & material was Excellent. The speaker was well prepared

Asmahanne Ibrahim
General Services Manager at Mubadala Petroleum

Hilda Johnson- Bogaerts

Training was well organized

Hilda Johnson- Bogaerts
Group Office Administrator-The Selwyn Foundation

Selo Ginandja

Training was organized well

Selo Ginandja
Sr. Design & Application ENGINEER

E Jabastin Charles

The training is Really useful & required for future Fulfilled the requirements.

E Jabastin Charles
Team Leader

Satish Daivajna

The training was very Good

Satish Daivajna

Vikas Jakate

Program was very good & interesing & the faculty was good

Vikas Jakate
Asst.Vice President - Technology Centre ( Apparatus )

Noura Al Shamisi

The training was very interesting and helpful. I really learned a lot and I wish to thanks. The trainer is very helpful and energetic staff. The experience overall was enlightening

Noura Al Shamisi

Johhny Mauchline

Good Engaged presentation by the Speaker

Johhny Mauchline
Business Development and Operations Manager - EIS Automation & Electrical

Della Saunders

Training was awesome, Group discussions facilitated by our instructor were great inout from Varied industries showed Common and differing issues and where Ideas to Improve could be translated Industry to industry

Della Saunders
Research Grant Development, Writing & Editing Manager - Faculty of Medicine, University of Toronto

Ariful Islam

This is the such type of course. Who want to accelerate his professional achievementhigher then need to do it.

Ariful Islam

Bala Baskar

Overall Good Experience & the trainer was good

Bala Baskar
Sr.Manager - Program Management at Locuz Enterprise Solutions Ltd

DINESH BHARDWAJ

The training was very professional & the trainer was excellent in delivering the training

DINESH BHARDWAJ
Senior Manager - IT Program Management at Juniper Networks

Mr.Vincent Biauce

Very Structured Training

Mr.Vincent Biauce
Project Management Office at BKCP

Mahmoud Ahmed Sabry

I think this only thing I feel your way is very good

Mahmoud Ahmed Sabry
Civil Engineer

Holly Mego

Knowledgeable well presented presentation

Holly Mego
Divestment Officer

Nicholle Beniekerian

Very nice instructor, who was very informative

Nicholle Beniekerian
International Marketing at UBIMET

Syed Sami

The training is good

Syed Sami
Sr. Project Manager at ABANA Enterprises Group Co.

Atika Agustine

Nicely arranged, &the content will be good for daily activities nicely delivered

Atika Agustine
Process Engineer at PT. Indocement Tunggal Prakarsa Tbk.

Abdulrahman Ehab Sherazy

The training was excellent for me. I am fully satisfied and I got and have learnt more than what excepted

Abdulrahman Ehab Sherazy
Senior Architect at Midrar Development Management

Nicki Burns

Good Trainer, good location, good organisation and good group and the real life case examples which are used in the session was very useful

Nicki Burns
Marketing and Communications Officer chez Codalis SA

Taimur Khan

The quality of training was very useful for me

Taimur Khan

Sopheak Sam

Content is Straight to the point Sufficient details, Great Course provided an well overview on Agile

Sopheak Sam
IT Applications Developer

Nick Kerr

Bette is Very good presenter

Nick Kerr
National Product Development & Quality Manager at Hynds Pipe Systems

Jamie Fisher

Training was well organized

Jamie Fisher
Project Engineer

Mohammad Ashraf

It was nice to be part of course and good learning experience

Mohammad Ashraf
Project & Planning Specialist

Nitin AG

The training was experienced. Overall Good experience

Nitin AG

Lance Willson

Facilitator Rehana was Excellent always provided answers even if it was required a source research.

Lance Willson
Construction Programming Expert

Rafal Kolodziejski

Very Interesting Course with Valid Input for people

Rafal Kolodziejski
Commercial Development Manager at Wilhelmsen Techncial Solutions

Ramy Ezzedine

The registration process is easy and customer service is very good

Ramy Ezzedine

Krystal Cheng

Lecture is very helpful

Krystal Cheng
Sales and Project Manager

Uttara Kavatekar

Trainer is very Good And knowledgeable about the subject

Uttara Kavatekar

Manu Krishnan

Trainer was good & shared lots of information with regards to the main areas of the Course

Manu Krishnan
Project Engineer

Liv Moen

The training was good, adopted to our needs

Liv Moen
Project Manager

Keith Smith

Good Knowledge + Examples covered a Lot of materials as well

Keith Smith

Dina Aboul Fotouh

The instructor has a great caresma and she is very loving person to hear from.

Dina Aboul Fotouh
Country Sales Manager at Good New4me

Suman Chisty

Very Good

Suman Chisty
AVP and Unit Head of General Administration & Logistics at BRAC Bank Limited

Debbie Brupbacher

Training was Good

Debbie Brupbacher
EU Transformation - Snr Manager

Amanda Marchan

Training was Excellent, Trainer was very Experienced and very helpful, I learned a lot from the course that i can apply to my work

Amanda Marchan
Project Manager

Katherine Pareja

Overall experience was positive,material provided was good and instructor answered questions effectively and interaction and exercise were helpful in learning concepts.

Katherine Pareja
IT Applications Developer

Sungjee Kim

Training was good

Sungjee Kim
Defiance Technologies Limited (A Hinduja Group Company)

Kim Campbell

The instructor saved the day . This would be meaningful learning experience.

Kim Campbell
Sr, HR Manager at Sierra Systems

Mai Yousri

Trainer above expectation

Mai Yousri
Cards Portfolio Manager- Marketing Department

Keshab

Overall Good Experience

Keshab
Sr. Manager-Technical Publications