Introduction to the Payment Card Industry Data Security Standard (PCI DSS) - By AtoZ Compliance
Key Take Away
This webinar will give you an understanding of PCI DSS: its history, high-level description, compliance, and impacts on
your organization.
Overview
The Payment Card Industry Data Security Standard (PCI DSS) is one of the few successful industry-developed and
industry-maintained data security standards. Mandated compliance with a payment-network-enforced data security standard
dates from 2001, when Visa instituted the Cardholder Information Security Program (CISP). It has evolved into the
global, card-payment-industry-wide data security standard called PCI DSS.
Each major payment network has specific mandates for organizations that must validate PCI DSS compliance. These
organizations include financial institutions, third party service providers and merchants of all sizes. The principles
specified in PCI DSS can be a guide for all organizations that wish to secure their sensitive data. PCI DSS security
requirements can be applied to any sensitive data on your organization’s network. Your organization need not be
involved with the payments process to benefit from exposure to PCI DSS.
Why Should You Attend
This webinar will prepare your organization to understand and potentially use PCI DSS to the organization’s benefit.
Whether involved in the payments industry or not, this webinar will introduce you to PCI DSS, its impacts and its use in
your business.
PCI DSS not only supports those in the payments business but provides insight to vendor managers into companies
that have validated compliance. It can be used by organizations not directly involved with the payments business. It
provides standards for security policies, technologies and ongoing processes that protect systems and networks from
breaches and theft of sensitive data.
Areas Covered In This Webinar
History of PCI DSS:
The history of Visa’s Cardholder Information Security Program (CISP) that led to the formation of the Payment
Card Industry Security Standards Council, the keeper of PCI DSS and other data security standards
Webinar Details
Date: Tuesday, August 23rd, 2016
Time: 01:00PM ET / 10:00AM PT
Duration: 60 Minutes
Speaker: Marc Perl, Owner, Teknowlogy Associates
Overview of PCI DSS:
You will learn the 12 major requirements of PCI DSS and what’s contained in each of the major requirements
What organizations must validate PCI DSS compliance
A full discussion of all organizations that must validate PCI DSS compliance and those that do not have the
compliance mandate
How is PCI DSS validated?
You will learn the difference between a Report on Compliance (ROC), all types of Self-Assessment Questionnaires
(SAQ) and Attestations of Compliance (AOC).
Differences Between PCI DSS v3.1 and v3.2:
The major differences in the latest version of PCI DSS, version 3.2, released in April 2016. We will explore the
potential impacts.
Strengths and weaknesses of PCI DSS:
As always, there are pluses and minuses. We will give you the value of our experience with PCI DSS,
compromises and other influencing factors
Risk reduction:
How validating compliance reduces risk
What your organization should do about PCI DSS:
The steps that your organization must take to achieve and maintain PCI DSS compliance
Other standards that PCI SSC publishes and manages
Sources of information about companies that are PCI DSS compliant
There are publicly available lists of service providers that are PCI DSS compliant
Other data security standards that your organization may want to consult
Learning Objectives
• The reason that PCI DSS was created
• Why PCI DSS remains a key element in securing the payment system
• The use of an Integrated Security Management System (ISMS)
• The high level description of the 12 major requirements in PCI DSS
• What your organization must do to validate PCI DSS compliance
• The steps that your organization should take to assure annual compliance
Who Will Benefit
• Executive Positions
• Compliance Management Professionals
• Risk Management Professionals
• Vendor Management Professionals
• Data Security Professionals
• Network Administrators
• Database Administrators
• Point of Sale Development Professionals
• Software Development Professionals
• Retail Business Owners
• All Businesses that need to protect sensitive data and networks
• Merchants, both face-to-face and on-line
• Third party payment processors
• Any Business accepting payment cards
• Financial Institutions such as Credit Unions and Community Banks
• Municipalities and other Governmental Entities
• Business Ownership Groups
• Non Profit Organizations
Speakers Profile
Marc Perl
Marc Perl brings over 30 years of professional experience to Teknowlogy Associates. Marc’s diverse experience
includes risk management, payments processing, data security, product development, software development and
software quality assurance.
During 20 years at Visa, he was a key member of Visa’s Risk Management team, where he developed and managed
the compliance program for the Payment Card Industry Data Security Standard (PCI DSS) as part of the Cardholder
Information Security Program (CISP). Marc led the team that developed the business requirements for Visa’s
Point-to-Point Encryption (P2PE) solution. Marc continues to conduct risk reviews at financial institutions and processors
globally.
As a merchant acquiring expert, Marc built and managed Visa’s Integrated Debit platform to support merchants such as
Walmart, Radio Shack, Kmart and others. Marc also served as project manager for Visa’s Y2K effort and assisted with
the spin-off of Visa’s acquiring processor business into a joint venture with Total Systems Services (TSYS) called Vital
Processing Services.
In addition to his Visa experience, Marc has consulted with organizations as varied as Visa Inc., Jet Propulsion
Laboratories, TSYS Acquiring Solutions and others. His early experience included computer operations, computer
programming, creation of software development methodologies and software engineering. Marc holds a BA from
California State University at Northridge.
AtoZ Compliance, 2754 80th Avenue, New Hyde Park, NY 11040
Email: support@atozcompliance.com
Toll Free: +1-844-414-1400 Tel: +1-516-900-5509 Fax: +1-516-300-1584
Our support team is available from 9:00AM - 5:00PM Eastern; Monday to Friday