Role-based PCI DSS Compliance Training

Targeted awareness modules for every role in your organization

Security awareness training is a critical component of PCI DSS compliance. Ensuring that all employees, including those not directly involved in payment card processing, understand the importance of safeguarding sensitive cardholder data is mandatory for most every organization across the world. Role-based training from SANS keeps all employees up-to-date on the latest security threats and best practices as they relate to each individual’s compliance responsibilities.


What is PCI DSS?

Download our tip sheet to learn more about the PCI Data Security Standard and how you can achieve and maintain compliance while mitigating the human factor.

  • Why the standard was created and who it serves
  • Which organizations are required to be compliant
  • Differences between the technical controls and human controls required
  • How security awareness training contributes to compliance
Sample Learning Path

How Role-Based PCI DSS Training Works

Role-based modules include

Module NameDescriptionTypical Roles
Introduction to PCI DSSWhat is PCI DSS, how can organizations demonstrate compliance, and who benefits from this set of standards?Applies to all roles
PCI DSS for Customer-facing TeamsAddressing the specific requirements of customer-facing employees in relation to the objectives of the PCI DSS standard.customer sales and support, cashier, payment processor, customer service representative.
PCI DSS for Back-office TeamsConcentrates on requirements specific to the processing of cardholder data in roles that do not interface directly with customers.analyst, product manager, customer support, virtual assistant, and marketing specialist
PCI DSS for System AdministratorsReviews the PCI DSS objective's requirements as they relate to IT system administrator, service and repair specialist, computer systems analyst, and IT administrator
PCI DSS for Network AdministratorsUnderstand the consequences related to network security in relation to PCI DSS administrator; network architect; and service desk analyst.
PCI DSS for Application DevelopmentMaintain the development of software applications in accordance with PCI DSS while incorporating information security throughout development life cycles.ecommerce web developer, application development team member, and database or enterprise developer.
PCI DSS for ManagersDesigned to enable management roles to develop best practices by empowering teams to protect cardholder data effectively.department manager, store manager, vendor manager, customer experience specialist.

By focusing on job-specific compliance measures, employees are more likely to retain and apply the training knowledge because they are directly applicable to their daily work activities. Role-based PCI DSS compliance training can help organizations reduce the risk of privacy and data breaches and improve compliance more efficiently and effectively.