Sunday, February 17, 2013

PCI Workshop: Something for Everyone

I have received a few questions on the upcoming PCI Workshop, and I wanted to address them to avoid any misunderstanding.  Specifically, the Institute wants everyone to know that:

  • The PCIP education is part of the Workshop 
  • The PCI Workshop is for for business, finance, treasury, and everyone involved in PCI compliance 
  • Attendees do not need to take the PCIP exam; pursuing the credential (at a discount) is a bonus
  • There are parallel sessions for advanced PCI practitioners.  

Everyone in the Higher Ed community should understand what a great program the Treasury Institute has put together for you this year.

The first thing to know is that the PCI Professional (PCIP) education is included as part of the workshop.  There is no extra charge, and you do not have to register separately.  In past years the Institute always provided a half-day update and PCI refresher, which, with the morning PCI 101 session actually stretched to take up most of one full day.  This year we again have a full-day (Monday afternoon plus Tuesday morning) of in-depth PCI education.  The differences are that it will be delivered by the Director of Training for the PCI Security Standards Council (!), and it gives attendees the option (see below) of earning their PCIP credential.  The PCIP education is available to all attendees as part of the PCI Workshop.

I have pointed out that the normal cost of this education alone is more than twice what the Institute charges for the workshop.  It is, therefore, also a pretty great deal for attendees.  One reason for the great value is the fact that the Treasury Institute's not-for-profit status; the other reason is the generous sponsors.  We all need to be thankful for the great support of the PCI Workshop's sponsors listed on the registration page.

Someone saw that we had two tracks this year, and they questioned whether the PCI Workshop was still primarily focused on the Treasury Institute's core audience of finance, treasury, and business professionals.  The clear answer is: yes.  The PCIP education, for example is not exclusively IT-focused.  As the PCI Council states on its website, the training is "for industry professionals who demonstrate their expertise in and understanding of PCI standards."

The agenda (see below) has two tracks this year for the first time.  This change is in response to requests from attendees for separate sessions to address areas of primary interest to them.  The PCIP training is for everyone.  The separate sessions Tuesday afternoon offer one track that is more business process focused, and another that is more IT-focused.  My guess is that some attendees will go back and forth between sessions and tracks (which I plan to do, too!).

Another question I got was whether attendees had to take the PCIP examination.  The answer is a simple: no.  The choice of taking that test after the Workshop is entirely yours.  The PCI Council offers PCI Workshop attendees a discount (making the whole thing an even better deal!).  My guess is that many if not most attendees will want to leverage the opportunity to earn the PCIP credential.  However, if you only want the great education, that is fine and you and your institution are ahead of the game.

Lastly, what if you are already an Internal Security Assessor (ISA) or already have your PCIP?  The PCI Workshop is still for you. You can attend the PCIP education, and use it as a refresher (and get Continuing Education hours).  Or you can choose to attend the parallel, more advanced sessions.  We are having two tracks this year as you can see by the agenda (click here), so there is something for everyone.  I have been working with a number of Higher Ed professionals who have either or both their ISA and PCIP credentials, and they are looking forward to the PCI Workshop as much as anyone.

Bottom line: the Treasury Institute's PCI Workshop remains the premier event for Higher Education institutions to receive PCI DSS education.  I look forward to seeing many of you there.  Click Here to learn more, download the agenda, and register online.  


  1. Thanks for the info. As a person involved with PCI for the last 7 years from a business perspective, can you clarify whether this satisfies the PCIP prerequisite for "at least 2 years of work experience in an IT or IT-related role" (see page 3 of the PCIP Qualification Requirements, v1.1)?

    1. I would say that yes, your experience would count. The key phrase is "work experience." The phrase "IT-related" can include managing compliance, auditing, and any similar role.


  2. PCI education is really supportive. I am interested in more advance sessions to learn more. I will prefer IT-focused wing to learn well. Our team of PR and Advertising Institute also learning new aspects.