Upgrade to PCI DSS v4.0 with peace of mind
Organizations that store, transmit or handle bankcard data all have a growing stake in the security of this data, and this is all the more true with the publication of the European regulation on the protection of personal data (GDPR). Faced with the risks of fraud, the PCI Council has developed standards aimed at protecting bankcard data.
This one-day express training course is here to explain everything you need to know about developments relating to PCI DSS v4.0, so that you can best prepare your organization and drive the necessary changes under the best possible conditions.
- The PCI DSS standard in brief
- Presentation of the changes from PCI DSS v3.2.1 to v4.0
- Understanding the impact on your organization
- Prepare for the necessary changes
Morning: Understanding the changes in v4.0
- What is PCI DSS?
- Review of the different versions of the PCI DSS standard
- Why a new version of the standard? What are the major issues?
- Key dates in the lifecycle of v3.2.1 & v4.0 standards
- Presentation of the nature of the changes made
- Presentation of PCI DSS standard evolutions
- “Defined Approach” vs. “Customized Approach”
- Requirements that are mandatory immediately for v4.0 audits
- Requirements that become mandatory later (best practices before 03/31/2025)
- What about compensating controls in v4.0?
- What about SAQs in v4.0?
Afternoon: Preparing for change
Understanding the impact on your organization
- New requirements applicable to all entities
- New requirements applicable only to service providers
Preparing for change within my organization
- Requirements with a technical impact
- Requirements with an organizational impact
- Requirements with a contractual impact
- Requirements with an impact on personnel
How to best use the “Customized Approach”
- Risks associated with this approach
- Obligations relating to this approach
- Almond’s recommendations on how to use this approach successfully
Method of Assessment
Validate your knowledge in a fun way with case studies and quizzes
This course is based on alternating theoretical and practical sessions:
- An express one-day format
- Benefit from the wealth of experience of our QSA trainers
Who should attend?
- Directors, CISOs, CIOs, CFOs, buyers, lawyers, human resources managers…
- PCI DSS project managers, security correspondents, auditors, technical architects, operators…
- Organization already in PCI DSS RUN phase for v3.2.1 standard
- Organization currently undergoing v3.2.1 certification
- Organization in the PCI DSS BUILD phase on v3.2.1
How and when to access
The participant is considered registered when:
- The prerequisites and needs are identified and validated
- The training agreement is signed
Registration requests can be sent up to 10 working days before the start of the training.
Whether you are recognized as having a disability or not, making our training accessible to everyone is part of our commitment.
If you need accommodation or adaptation of the content, the materials, the venue, the equipment used, the schedule or the pace, we are at your disposal.
To go further
This training course is a preparation for the following training course:
1 day (7 hours)
€ 1000 excl.tax
Would you like more information?
+33 (0)2 55 59 01 11