PCI DSS Services
- Enterprises
- Small businesses
PCI DSS Consultancy
PCI DSS Testing
- ASV Scanning
- Pen Testing
PCI DSS Documentation
PCI DSS Training
PCI DSS Resources
Blog
Why choose IT Governance?
Speak to a PCI DSS expert

PCI Staff Awareness and Training

Staff awareness and training is fundamental for effective information security management and for meeting regulatory and compliance requirements. In order for an organization to comply with the Standard, a formal security awareness program must be implemented.

Personnel must be trained upon being hired, and receive refresher training at least once per year. Employees must also acknowledge that they have read and understood the security policy and procedures at least once per year.

Why is security awareness important?

One of the biggest risks to an organization’s information security is often not a weakness in the technology control environment but an action, or inaction, by employees and other personnel that can lead to security incidents. For example, disclosing information that could be used in a social engineering attack, failing to report observed unusual activity and accessing sensitive information unrelated to the user’s role without following the proper procedures.

Did you know?

Among companies that have experienced data breaches, internal actors were responsible for 43% of data loss, half of which were intentional and half accidental (McAfee, Grand Theft Data).

IT security practitioners are nearly split - 51% to 49% who poses the greatest threat: external adversaries versus trusted insiders (Trustwave, 2017 Security Pressures Report).

50% of companies now believe security training and awareness for both new and current employees is a priority (Dell, Protecting the organization against the unknown - A new generation of threats).

Helping you to develop a comprehensive security awareness training plan

We offer staff awareness and training courses (both classroom and in-house) for all staff, from foundation-level to advanced courses for IT practitioners and lead implementers seeking compliance with the Standard.

Staff Awareness e-learning

Get your staff trained in payment card security.

Part of the ITG e-learning staff awareness suite, this online course is designed to increase employees’ awareness of the Payment Card Industry Data Security Standard (PCI DSS) requirements, and to provide clear and simple explanations of what companies and individual employees must do to meet those requirements.

Avoid employee actions that might lead to a data breach.

Buy now >>

PCI DSS Foundation Training Course

Gain an understanding of the 12 requirements.

Developed by a Qualified Security Assessor (QSA), this one-day training course builds a clear understanding of the PCI DSS and allows you to plan a cost-effective, time-efficient compliance project.

Delivers practical guidance on how the Standard applies to your organization.

Buy now >>

PCI DSS Implementation Training Course

Learn how to implement a PCI DSS compliance programme.

This three-day course provides practical coverage of all aspects of implementing a PCI DSS compliance program.. Successful candidates will be awarded the PCI DSS Implementation (PCI IM) qualification by the International Board for IT Governance Qualifications (IBITGQ).