PCI Credit Card Security Risk, Readiness & Compliance for Financial Institutions

Compliance Information Technology Operations Security & Fraud ACH & Card Services IT & Cybersecurity Fraud

On-Demand Webinar

StreamedApr 30, 2024Duration90 minutes

Unlimited & shareable access starting two business days after live stream
Available on desktop, mobile & tablet devices 24/7
Take-away toolkit
Ability to download webinar video
Presenter's contact info for questions

See Registration Options

PCI compliance is no joke.

This session will describe the latest updates to the compliance standard, present solutions to common adherence challenges, and provide clear strategies for managing the risk and compliance needs related to credit card security. If some of the nuances might be new to you or need refreshing, consider this convenient opportunity to get the latest information.

AFTER THIS WEBINAR YOU’LL BE ABLE TO:

Explain how the core elements of the PCI DSS apply to financial institutions
Define key challenges in managing a PCI compliance program
Describe how to determine and define the scope of a PCI Cardholder Data Environment (CDE)
Distinguish between PCI controls that are the responsibility of third-party service providers (TPSPs) and controls that are the responsibility of the financial institution
Explain how a well-functioning PCI compliance program can support and enhance an institution’s risk management program

WEBINAR DETAILS

The PCI DSS (Payment Card Industry Data Security Standard) has been in place for over 15 years. In that time, the standard has had three major revisions, including the release of version 4 in the first quarter of 2022. Financial institutions find themselves functioning in multiple roles: card issuers, acquirers, merchants, and service providers. This session will address common misconceptions and challenges seen in financial institutions including:

“The card data is all encrypted, so we don’t have to worry about it.”
“We outsource to XYZ so we are not responsible for compliance.”
“No one has asked us for a compliance report.”
“We can’t make the core system compliant so there is no point in the rest of it.”
“There is no electronic card holder data in our VoIP system or our data warehouse or….”

WHO SHOULD ATTEND?

PCI compliance is a business issue, not solely an IT issue. This informative session is designed for people with responsibility and oversight in the following areas: risk management, internal audit, vendor management, card services, IT and cyber operations, and risk management and compliance.

TAKE-AWAY TOOLKIT

Schedule of required periodic PCI compliance activities
List of required evidentiary documents for PCI compliance
PCI CDE scope analysis flowchart
Excel framework mapping tool for alignment of PCI controls with other compliance frameworks such as FFIEC
Links to important resources
Employee training log
Interactive quiz
PDF of slides and speaker’s contact info for follow-up questions
Attendance certificate provided to self-report CE credits

NOTE: All materials are subject to copyright. Transmission, retransmission, or republishing of any webinar to other institutions or those not employed by your institution is prohibited. Print materials may be copied for eligible participants only.