PCI DSS Implementation Training Course | Qualified Security Assessor Company

PCI DSS Implementation Training Course

SKU: 4178
Format: USA – Boston, MA
  • Provides a deeper focus on the PCI DSS (Payment Card Industry Data Security Standard) and its implementation.
  • IBITGQ accredited three-day course aimed at those who are responsible for implementing and managing the PCI DSS
  • Fully updated for the recently released PCI DSS v3.2
  • Successful completion of the course and included exam leads to the PCI DSS Implementation (PCI IM) qualification and 21 CPD/CPE points.
Price: $1,495.00



The PCI DSS Implementation training course outline

This three-day course, fully updated for PCI DSS (Payment Card Industry Data Security Standard) v3.2, provides a comprehensive introduction to the Standard and delivers practical guidance on all aspects of implementing a PCI DSS compliance program.

Practical guidance and real-world examples will be taught, providing attendees with a full understanding of how to implement the different aspects of a PCI program. Day one of this course covers PCI DSS Foundation and days two and three cover the implementation.

PCI DSS Implementation training course benefits 

  Understand PCI DSS best practice

Learn in-depth about the PCI DSS assessment, test procedures, and reporting requirements.

  Delivered by professionals

Gain insight into a QSA auditor’s perspective on scoping and reduction, gap analysis, remediation and auditing issues.

  Interactive study

Take part in interactive sessions that will allow attendees to ask questions relating to their own organisation and cardholder environment.

See what our previous learners think about this course


of delegates passed first time


were happy with the pace of the course


found the course content to meet their expectations


agreed the course content was relevant

Who should attend this course?

This course is designed for individuals responsible for implementing all or part of the technical and business requirements of the Standard, for example:

  • Information security managers
  • Security engineers
  • IT directors
  • PCI DSS project managers

This course is also suitable for consultants seeking to provide PCI implementation advice to their respective client organizations.

Why choose IT Governance for your training needs?

  • We’re a QSA (Qualified Security Assessor) – we’re approved by the PCI SSC (Security Standards Council), which means we regularly audit PCI compliance across a wide range of organisations.
  • Trained by industry experts – our trainers are working consultants with years of practical, hands-on experience.
  • Access your training anywhere – all our course materials are provided as a digital copy, allowing you to access them anywhere and at any time. Documents will be made available 20 days before your course.
  • Business solutions to suit you – whether you’re a multinational wanting us to manage all your training needs or a small business wishing to boost your workforce skills, we offer a range of training solutions. 
Course details

What does this course cover?

  • Outline of payment processes
  • PCI DSS Ecosphere
  • Why the PCI DSS?
  • Where does it apply?
  • The six control objectives
  • The 12 requirements
  • Compliance and enforcement
  • Remediation and non-compliance
  • Compliance structures
  • Self-assessment or audit?
  • Scoping principles of the PCI DSS
  • How to scope for the PCI DSS
  • Scope reduction
  • The 12 Requirements
  • Practical implications of the PCI DSS
  • Documentation and evidence
  • Managing a PCI DSS project
  • How to gain compliance
  • The prioritized approach
  • What is ‘business as usual’?
  • Going beyond the PCI DSS controls

Course agenda

  • The purpose of the PCI DSS and the requirement for protection of cardholder data
  • PCI DSS objectives and intent
  • Related PCI standards and programmes
  • Understand how PCI DSS compliance is enforced by the payment brands
  • Compliance needs for merchants and service providers. Explanation of the different levels
  • Understand how compliance to the standard must be reported by merchants and service providers
  • Overview of the 12 standard requirements
  • Technical Implementation of the requirements
  • Use of IT Governance PCI DSS Documentation Toolkit
  • Project management
  • Maintaining compliance
  • Additional considerations for: call centres, encryption, software development, mobile payments, skimming

What’s included in this course?

  • Full course materials (digital copy provided as a PDF file)
  • The PCI DSS Implementation exam
  • A certificate of attendance

What equipment do I need?

You will need a laptop for the duration of your course and exam.

Course duration and times

Day 1: 9:30am – 5:00pm
Day 2: 9:30am – 5:00pm
Day 3: 9:30am – 5:00pm / 5:30 pm - optional consultancy session.

Exams and qualifications

PCI DSS Implementation exam

Attendees will have the option to take the PCI DSS Implementation (PCI IM) exam set by IBITGQ (International Board for IT Governance Qualifications) on the last day of the course. There is no extra charge for this exam.

What qualifications will I receive?

Successful candidates will be awarded the PCI DSS Implementation (PCI IM) qualification by IBITGQ.

This course is equivalent to 21 CPD points.


This course is accredited by the International Board for IT Governance Qualifications (IBITGQ).

You can demonstrate your professional and practical knowledge and expertise by registering your qualification on the IBITGQ/GASQ successful candidate register.

Do I need to bring proof of identity?

Delegates must bring a form of photographic ID with them, as the invigilator may request to check it prior to the exam.

How will I receive my exam results and certificates?

  • Provisional exam results will be available immediately on completion of the exam. Confirmed exam results will be issued within ten working days from the date of the exam.
  • Certificates for those who have achieved a passing grade will be issued within ten working days from the date of the exam.
  • Results notifications and certificates are sent directly to candidates by the relevant exam board in electronic format; please note that hard copy exam certificates are not issued.

Can exams be retaken?

Yes, you can retake the exam at an extra cost if you are unsuccessful on the first attempt. You can email us to schedule the retest for the exam.


Are there any prerequisites for this course?

There are no prerequisites for sitting this course.

Is there any recommended reading?

We recommend that all attendees download and read the free PCI DSS document from the PCI SSC website.
