Course Preview
At a Glance
Data breaches can have a devastating impact on organizations and individuals. That’s why the Payment Card industry data security standards (PCI DSS) were developed and why many organizations are required to comply with them.
NAVEX Global’s Payment Card industry data security standards basics course gives learners an overview of their obligations under the PCI DSS. The course also outlines measures employees can take to protect sensitive cardholder data and prevent data security breaches.
What’s the best way to keep cardholder data secure? By ensuring employees have the tools they need to take action to reduce risk. A strong training program equips employees with the information they need to do what’s right and safeguard sensitive cardholder data.

PCI DSS - Speak Up

PCI DSS - Protecting Data
Course Details
- All Learners
Key Concepts Covered In This Course:
- An overview of the PCI DSS
- Purpose of the PCI DSS
- PCI DSS goals and requirements
- Types of information protected by the PCI DSS
- Best practices for handling cardholder data and sensitive authentication data
- Security requirements for card-present and card-not-present transactions
- Examples of common network security risks
- Best practices for securing electronically-stored information
- Guidance on what to do in the event of a security breach
- When to raise concerns or seek help
- Assurance the organization will investigate reports and take action as necessary
- A restatement of non-retaliation policy
- The value of each employee in preserving the organization’s reputation and maintaining an ethical workplace
Reinforce this topic with these two micro learning courses
NAVEX Global suggests these courses that pair well:

Data Privacy: Handling Personal Information
In a world of data breaches and identity theft, organizations today rely on their employees to handle all personal information with extreme care.
Data Privacy: Handling Personal Information

Data Privacy: Managing Fourth-Party Risk
When it comes to protecting data, organizations are responsible for the actions of their third-party business partners. They can also be held responsible for the actions of fourth parties: the vendors and suppliers that those business partners may use.