PCI DSS Free Resources

 

Staff Awareness E-learning catalogue

Staff Awareness E-learning catalogue

Explore our full range of off-the-shelf staff awareness e-learning courses, including multi-course suites. All courses and games can be accessed in SaaS or SCORM formats for hosting on your LMS or ours. We can customise content, translate courses or create bespoke courses upon request.

Download now

 

Appletree Communications – PCI Compliance

Download this case study to see how IT Governance helped this firm find a cost-effective route to achieve and maintain PCI compliance.

Download now

 

PCI DSS Audits – Preparing for success

PCI DSS Audits – Preparing for success

This paper, updated for PCI DSS v4.0, will help organisations understand and prepare for the PCI DSS audit process.

Download now

PCI DSS Compliance – Simplifying your SAQ submissions

PCI DSS Compliance – Simplifying your SAQ submissions

This paper will help organisations understand how to minimise the PCI DSS v4.0 compliance burden by reducing their scope, and how to choose the right SAQ.

Download now

Free PDF download: PCI DSS v4.0 – Preparing for the transition

PCI DSS v4.0 – Preparing for the transition

This paper explains some of the key changes organisations need to be aware of to successfully plan their transition project to PCI DSS v4.0.

Download now

 

 

Reducing the Cardholder Data Environment

Data Sheet – The PCI DSS

Discover IT Governance’s approach of using the PCI DSS as a set of information security controls that can be effectively integrated within a broader cyber security framework to further reduce risk.

Download now

 

On-demand webinars

PCI DSS 4.0: The new requirements and how to comply

Delivered by: John Tracey, GRC Consultant, IT Governance USA

Earlier this year, PCI DSS (Payment Card Industry Data Security Standard) version 4.0 was published. Although the current version (3.2.1) remains valid until March 2024, organisations should prepare to comply with the new requirements.

PCI DSS v4.0 introduces a “customized approach”, where organisations may use their own control to meet the objective of any PCI DSS requirement in place of the defined requirement.

Read more

PCI DSS: Security testing

icon webinar

PCI DSS compliance, especially for RoCs and some SAQs, requires internal and external vulnerability scans, and frequent penetration tests.

Payment card data is a prized commodity for cyber criminals and is usually the main target of attacks against commercial environments. Indeed, the 2017 Trustwave Global Security Report found that more than half of the incidents investigated targeted payment card data.

Read more

PCI DSS: Challenge or opportunity?

icon webinar 1

This webinar will outline the major PCI DSS challenges faced by merchants, and offer recommendations to help achieve and maintain PCI DSS compliance more effectively.

Our consultants will also explain how complying with the PCI DSS can help you meet the requirements of the GDPR. We’ll introduce a set of controls for keeping cardholder data secure, and explain how technologies, processes and procedures can help protect personal data.

Read more

PCI DSS: Audit success in nine essential steps

icon webinar 2

This webinar has been developed to help organisations effectively prepare for a PCI audit and ensure a successful outcome.

Although this webinar focuses on organisations that must undergo a PCI audit, many of the steps are relevant to any organisation that needs to meet the requirements of the PCI DSS.

Read more

PCI DSS: The self-assessment questionnaire

icon webinar 3

Ideal for small merchants and service providers that are not required to submit a Report on Compliance (RoC), a self-assessment questionnaire (SAQ) is a self-validation tool to assess security for cardholder data.

This webinar will provide attendees with the practical knowledge required to identify the right SAQ to achieve full compliance with the PCI DSS.

Read more

PCI DSS: Reducing the cardholder data environment

icon webinar 1

This free webinar provides step-by-step guidance on scoping the CDE. This includes gathering information, defining a perimeter and analysing data flow. The webinar also provides methods for reducing the scope.

Scoping is the first step to gaining or maintaining PCI DSS compliance, and effective scope reduction can reduce the time and cost of becoming compliant.

Read more

PCI DSS: Policies and procedures

icon webinar 5

Requirement 12 of the PCI DSS requires organisations to actively manage their data protection responsibilities by establishing, updating and communicating security policies and procedures aligned with the results of regular risk assessments.

Read more

LEARN
FOR LESS
SAVE 25%