


Cardholder Information Security Program

When customers offer their bankcard at the point of sale, over the Internet,
on the phone, or through the mail, they want assurance that their account
information is safe. That is why Visa USA has instituted the Cardholder
Information Security Program (CISP). Mandated since June 2001, CISP is
intended to protect credit cardholders' data wherever it resides, ensuring
that members, merchants and service providers maintain the highest
information security standard. In 2004, the CISP requirements were
incorporated into an industry standard known as the Payment Card Industry (PCI)
Data Security Standards (DSS), resulting from a cooperative effort between
Visa International and MasterCard Worldwide to create common industry
security requirements. PCI DSS is also endorsed by American Express,
Discover and JCB.

This non-technical PCI Security Awareness Training course (an approximately
30-minute presentation) is designed to educate employees on the fundamental
concepts and practices for protecting cardholder information. Protecting
customer data is imperative for business growth. Therefore, it is important
that employees understand the fundamentals of privacy requirements.
Participants will be provided with an overview of the Payment Card Industry
training requirements, the impact of a company's non-compliance status, and a
company's responsibility in protecting cardholder information. This training
meets and/or exceeds the guidelines set by PCI DSS Annual Security Awareness
Training requirements.

Topics covered will include:
· Introduction to PCI DSS
· Company System Use
· Virus Protection (Worms and Trojans)
· Social Engineering
· Information Security (who is responsible)
· Password (Creation, Use, Changes)
· Data Confidentiality (Cardholder Information)
· Desktop Security
· Password Sharing
· Incident Handling