CPSCMLOGO2

Certify as a Payment Security Compliance  Manager with CPSCM Workshop.

Join our CPSCM Workshop for comprehensive training on the entire PCI DSS Suite including PCI DSS, PCI PIN, PCI 3DS, PCI SAQ, UPI, Mobile Wallets and beyond. This comprehensive workshop shapes professionals to unlock expertise in payment security compliance. Secure your role as a leader in the evolving landscape of payment security.

READ MORE
pricedetails

If you are a member of ISACA and/or ISC2, please mention your Chapter Name, Membership Number or mention 'NA' if not applicable.

Who Should Attend?

Why Attend CPSCM?

Payment Security Officers
Compliance Managers
Auditors
Risk Management Professionals
Stay relevant with the latest security trends.
Gain practical knowledge through hands-on workshops.
Enhance your career with a recognized                  certification.
Connect with industry experts and peers.

What to Expect from Certified Payment Security
Compliance Manager Training Program?

Understanding the
PCI Suite of Standard

Delve into the details of PCI DSS requirements, from data discovery to compensating controls. Explore synergized compliance approach and gain insights into the broader suite of payment standards beyond PCI DSS, including PCI PIN, PCI 3DS, PCI P2PE, PCI CP, SSF, and SWIFT.

11234

BUILDING THE FOUNDATION

Dive into the background and evolution of the payment industry, understanding the intricacies of payment transaction flows, and exploring the roles and responsibilities of entities within the payment ecosystem. Get acquainted with the various form factors for payment and payment channels, staying up to date with the latest changes in PCI DSS v4.0.

Emerging Payment Technologies

Uncover the intricacies of SWIFT, UPI, Mobile Payments, QR Codes, and Contactless Payments. Learn their architectures, security measures, transaction flows, and global adaptability, ensuring a comprehensive understanding of the diverse landscape of modern payment technologies.

Maintaining Compliance

Grasp the nuances of maintaining compliance, the frequency of activities for PCI DSS annual revalidation, and the crucial aspects of report review. Explore the PCI DSS resources and knowledge library, culminating in a practical case study to reinforce your understanding.

Why CPSCM Training Program Is Important?

Comprehensive Understanding : CPSCM provides participants with a comprehensive understanding of the payment industry’s intricacies, covering everything from the evolution of payment methods to the latest standards like PCI DSS v4.0.

Risk Mitigation and Compliance : By combining risk assessment methodologies and in-depth discussions on control requirements, participants gain the expertise to implement robust security measures. This knowledge is crucial for mitigating risks and ensuring compliance in an ever-evolving regulatory landscape.

Adaptability to Emerging Technologies : The program goes beyond traditional payment methods, delving into emerging technologies such as mobile payments, QR codes, and contactless payments. This knowledge is essential for professionals who need to stay ahead of the curve in a rapidly changing industry.

 Industry-Relevant Insights : Led by industry experts, CPSCM offers insights into the roles and responsibilities of entities within the payment ecosystem. Participants gain practical knowledge that is directly applicable to their professional roles, making them valuable assets to their organizations.

Global Perspective : Understanding the global adaptability of payment technologies is crucial in today’s interconnected world. CPSCM equips participants with insights into different payment channels, ensuring they can navigate the complexities of both local and international payment ecosystems.

Practical Application : CPSCM doesn’t just impart theoretical knowledge; it includes case studies and discussions from a Qualified Security Assessor (QSA) standpoint. This practical application ensures participants are not only well-versed in theory but also equipped to apply their knowledge in real-world scenarios.

Why CPSCM Training Program Is Important?

Benefits EXP

What Will You Learn?

Background and Evolution of the Payment Industry
ghP224jUudEAAAAASUVORK5CYII= ​Elements of the card and importance of card data (Track data, CCV, PAN, PIN)
ghP224jUudEAAAAASUVORK5CYII=  ​Payment transaction flow (Card present and Card not present)
ghP224jUudEAAAAASUVORK5CYII= Stages of payment processing (Authentication, Authorization, Clearing and Settlement)
ghP224jUudEAAAAASUVORK5CYII=  ​Roles and Responsibilities of various entities involved in payment ecosystem
ghP224jUudEAAAAASUVORK5CYII=  ​​PCI SSC and responsibilities/differences b/w ISA, QSA, PCI SSC and ASV
Various form factors for payment and Payment Channels
ghP224jUudEAAAAASUVORK5CYII= ​Cards
ghP224jUudEAAAAASUVORK5CYII=  ​​Mobile Money
ghP224jUudEAAAAASUVORK5CYII= Wearables – Digital Devices
ghP224jUudEAAAAASUVORK5CYII=  ​Contactless
ghP224jUudEAAAAASUVORK5CYII=  ​​​QR Codes
What’s new with PCI DSS v4.0
ghP224jUudEAAAAASUVORK5CYII= Transition timelines – v3.2.1 to v4.
ghP224jUudEAAAAASUVORK5CYII= Goals and summary of changes
PCI DSS – On-Prem, Cloud, Shared – What’s Different?
ghP224jUudEAAAAASUVORK5CYII= Type of PCI DSS environments
ghP224jUudEAAAAASUVORK5CYII= What to look for when hosting system components in the different types of cloud environment
ghP224jUudEAAAAASUVORK5CYII= Shared Responsibility Matrix
Risk Assessment
ghP224jUudEAAAAASUVORK5CYII= Combination of NIST, OCTAVE, and ISO Risk assessment
ghP224jUudEAAAAASUVORK5CYII= TRA – Targeted Risk Analysis as part of PCI DSS v4.0
Self-Assessment Questionnaire (SAQ)
ghP224jUudEAAAAASUVORK5CYII= Merchant and service provider levels
ghP224jUudEAAAAASUVORK5CYII= Applicability and different types of SAQ
Implementing PCI DSS requirements
ghP224jUudEAAAAASUVORK5CYII= Detailed discussion on Requirement 1 To 3 of PCI DSS and sub-requirements
ghP224jUudEAAAAASUVORK5CYII= Best practices from a QSA standpoint
ghP224jUudEAAAAASUVORK5CYII= Importance of Data Discovery and other tools to implement PCI DSS requirements
Implementing PCI DSS requirements
ghP224jUudEAAAAASUVORK5CYII= Detailed discussion on Requirement 4 To 12 of PCI DSS and sub-requirements
ghP224jUudEAAAAASUVORK5CYII= Best practices from a QSA standpoint
ghP224jUudEAAAAASUVORK5CYII= Compensating controls
ghP224jUudEAAAAASUVORK5CYII= Differences b/w Defined and Customized approach
ghP224jUudEAAAAASUVORK5CYII= Synergized compliance for PCI DSS
Overview of all the other Payment and PCI suite of standards
ghP224jUudEAAAAASUVORK5CYII= ​​PCI PIN, PCI 3DS, PCI P2PE, PCI CP, SSF and SWIFT
ghP224jUudEAAAAASUVORK5CYII= Are these standards interrelated?
PCI 3DS
ghP224jUudEAAAAASUVORK5CYII= PCI 3DS data flow – Architecture review
ghP224jUudEAAAAASUVORK5CYII= ACS, DS and 3DSS
ghP224jUudEAAAAASUVORK5CYII= Overview of the PCI 3DS requirements and dependency on PCI DSS
PCI SSF
ghP224jUudEAAAAASUVORK5CYII= Transition timelines b/w PA DSS and SSF
ghP224jUudEAAAAASUVORK5CYII= Changes b/w PA DSS and SSF
ghP224jUudEAAAAASUVORK5CYII= SSF – S3 and SSLC Applicability
PCI CP – Logical and Physical
ghP224jUudEAAAAASUVORK5CYII= Architecture review – Layout (Physical and Logical)
ghP224jUudEAAAAASUVORK5CYII= Overview of requirements
SWIFT
ghP224jUudEAAAAASUVORK5CYII= Different architectures and applicability of SWIFT
ghP224jUudEAAAAASUVORK5CYII= SWIFT – CSCF 2023 framework
UPI – Unified Payment Interface
ghP224jUudEAAAAASUVORK5CYII= What is UPI, and what are the advantages of using UPI
ghP224jUudEAAAAASUVORK5CYII= Security behind UPI vs. other form factors of payment
ghP224jUudEAAAAASUVORK5CYII= Sample UPI transaction flow
ghP224jUudEAAAAASUVORK5CYII= Adaptability of UPI as a form factor of payment across the world
Mobile Payments
ghP224jUudEAAAAASUVORK5CYII= What are mobile payments
ghP224jUudEAAAAASUVORK5CYII= Advantages of mobile payments
ghP224jUudEAAAAASUVORK5CYII= Security of mobile payments
ghP224jUudEAAAAASUVORK5CYII= Sample mobile payment transaction flow
ghP224jUudEAAAAASUVORK5CYII= Global Adaptability of mobile paymentss
QR Codes
ghP224jUudEAAAAASUVORK5CYII= What are QR Code payments
ghP224jUudEAAAAASUVORK5CYII= Advantages of QR code
ghP224jUudEAAAAASUVORK5CYII= Security of QR code payments
ghP224jUudEAAAAASUVORK5CYII= Sample QR payment transaction flow
ghP224jUudEAAAAASUVORK5CYII= Global Adaptability of QR code payments
Contactless Payments
ghP224jUudEAAAAASUVORK5CYII= What are Contactless payments
ghP224jUudEAAAAASUVORK5CYII= Advantages of Contactless payments
ghP224jUudEAAAAASUVORK5CYII= Security of Contactless payments
ghP224jUudEAAAAASUVORK5CYII= Sample Contactless payment transaction flow
ghP224jUudEAAAAASUVORK5CYII= Global Adaptability of Contactless payment
Maintaining compliance
ghP224jUudEAAAAASUVORK5CYII= Requirements overview and summary
ghP224jUudEAAAAASUVORK5CYII= PCI DSS Annual Revalidation – Frequency of activities to be performed
ghP224jUudEAAAAASUVORK5CYII= Report review – ROC and AOC. What to look for?
ghP224jUudEAAAAASUVORK5CYII= PCI DSS resources and knowledge Library
ghP224jUudEAAAAASUVORK5CYII= Case study – PCI DSS

Contact Us

arrowrightcu

HEARD
ENOUGH?