There are few areas where training pays bigger dividends than complicated, high risk areas like PCI compliance. The reasons are that the standard is complex, detailed, and if you mess up your institution's reputation (and checkbook) may be at risk.
One of the best sources of information sharing and training is the Treasury Institute's annual PCI Workshop. (Click here for a link to the 2013 Workshop). There institutions of all sizes from across the country (and Canada) come to share experiences, lessons learned, and best practices in achieving PCI compliance on their campus.
The PCI Council also offers an increasingly broad array of PCI training sessions for merchants. If you want the same training as QSAs receive, you can pursue the Internal Security Assessor (ISA) program. There also is PCI Awareness Training for executives and managers -- no previous PCI experience required. A big difference -- and maybe an advantage -- is that attendees in the PCI Council sessions come from all industries, not just Higher Ed. Therefore, these may provide a broader perspective on issues and solutions.
The programs of the Treasury Institute and the PCI Council are complementary, and between them they offer schools a range of options. The only way you can lose is by not doing anything.
Wednesday, August 1, 2012
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment