CIO Data Security Boot Camp

PCATS and the National Association of Convenience Stores (NACS) have partnered with Coalfire Systems, Inc., an information technology (IT) audit and compliance firm, to deliver an intensive educational boot camp on January 20 that teaches payment card industry (PCI) compliance requirements, including deadlines, merchant levels and reporting, and how to complete a self-assessment questionnaire (SAQ). The PCI compliance report and audit scope will be reviewed, along with a complete overview of the 12-step process to validate compliance.

The chief information officer (CIO) data security boot camp is part of the data security track at the PCATS 2011 Annual Conference in New Orleans, Louisiana. Data Security Boot Camp attendees may receive 12 full continuing professional education (CPE) credits for attending the one-day boot camp.

The vendor-neutral data security boot camp is intended to empower CIOs within the c-store industry by reviewing the processes and practices currently in place to support the flow of information and providing them with the steps necessary to protect customer data and better support their enterprise goals. It will help merchants understand the compliance requirements accurately and get advice on various approaches they can take to achieve proper compliance.

The real cost of a data breach is more than most retailers think—and they’re more at risk than they know. Merchants that do not comply with the Payment Card Industry Data Security Standard (PCI DSS) may be subject to fines, card replacement costs, costly forensic audits, and brand damage should a breach event occur. The cost of guessing wrong about the meaning of any PCI requirement is high. This boot camp will help merchants understand the compliance requirements accurately and get advice on various approaches they can take to achieve compliance.

The discount registration fee for the CIO data security boot camp is $799 for PCATS members and $899 for non-members until January 8, 2010. It includes access to the PCATS Annual Conference and related events. The cost after January 8 will be $899 for members and $999 for non-members. Click Here to register for the boot camp.

Click here to read the press release about the CPE credits at the CIO Boot Camp
Click here to read the press release about the CIO Boot Camp

Boot camp agenda (topic, description, time):

Topic 1. General PCI Reporting and Compliance Requirements (8:00-8:30am)
Learn the structure of the entire PCI program and how to identify your responsibilities.

Topic 2. The Cardholder Data Environment, Part I: Defining the CDE & its Implications (8:30-10:00am)
Defining the Cardholder Data Environment (CDE) is the key to understanding the real requirements and costs affecting your organization. Learn how to accurately define it and how it impacts your overall compliance strategy.

Break (10:00am-10:15am)

The CDE, Part II: Reducing the Scope of the CDE (10:15am-11:45am)
Many organizations do not look for ways to simplify their environment and reduce the scope of compliance. Learn the tips and tricks to reduce the size and impact of your PCI requirements and save cost.

Lunch (11:45am-12:15pm)

Topic 3. Building a Compliance Program, Part I: Assessment Preparation (12:15-1:15pm)
PCI compliance should be an ongoing program within your organization, rather than a once-a-year event. Learn the phases of a successful program and how to manage the cycle for successful outcomes.

Building a Compliance Program, Part II: Gap Analysis (1:15pm-1:45pm)
Don't be surprised by the findings of your audit or SAQ. Identify your gaps in advance using the NACS EZ-PCI tools in order to fend off last-minute hang-ups.

Break (1:45pm-2:00pm)

Building a Compliance Program, Part III: Remediation (2:00pm-2:30pm)
Learn how to apply the gaps identified in your pre-assessment to your CDE definition in order to optimize your remediation activities.

Topic 4. Applying the Requirements: DSS Requirements 1-12 (2:30pm-5:00pm)
Take a deep dive through all of the requirements and learn the correct definition and applicability of each PCI DSS control. This section is led by a QSA to give you the "straight dope" direct from an authoritative source.