Skip to main content
Image coming soon

Recognition as the go to expert for PCI DSS compliance at Charles Schwab

$199.00
Adding to cart… The item has been added

A tailored course, built for your situation

Recognition as the go to expert for PCI DSS compliance at the firm

Become the internal reference for clean, repeatable PCI DSS assessments others can replicate

$199 one-time
24-hour access provisioning 30-day money-back guarantee Hand-built implementation playbook
12 modules. 12 chapters per module. 144 chapters total.
12 modules, each with 12 chapters (144 chapters total), text-based, plus downloadable templates and a hand-built implementation playbook delivered alongside course access.

Who this is for

Project Manager in financial services driving compliance-critical initiatives with cross-functional reach

Who this is not for

Individuals seeking certification prep or entry-level compliance training

What you walk away with

  • Lead PCI DSS assessments with confidence and consistency
  • Serve as the internal go-to for interpretation and execution
  • Produce reusable documentation that survives team changes
  • Gain peer recognition for structured, reliable delivery
  • Shape how payment security is operationalized across programs

The 12 modules (with all 144 chapters)

Module 1. Foundations of PCI DSS v4 compliance
Understand the latest requirements, scope boundaries, and enforcement expectations specific to financial institutions.
12 chapters in this module
  1. Introduction to PCI DSS v4
  2. Scope definition and segmentation
  3. Cardholder data flow mapping
  4. In-scope system identification
  5. Self Assessment Questionnaire types
  6. ROC vs SAQ pathways
  7. Role of internal audit
  8. Common missteps in scoping
  9. Documentation expectations
  10. Version 3 to 4 transitions
  11. Compliance timelines
  12. Stakeholder responsibility matrix
Module 2. Building the compliance project plan
Design a realistic, audit-ready project timeline with milestones that align technical and control teams.
12 chapters in this module
  1. Kickoff planning
  2. Workstream coordination
  3. Milestone mapping
  4. Resource forecasting
  5. Dependency tracking
  6. Risk register setup
  7. Approval gate design
  8. Cross team alignment
  9. Status reporting rhythm
  10. Evidence collection schedule
  11. Gap remediation tracking
  12. Final review cadence
Module 3. Stakeholder alignment across IT and security
Secure early buy-in from technical owners and maintain momentum through delivery cycles.
12 chapters in this module
  1. Mapping system owners
  2. Engagement playbooks
  3. Escalation paths
  4. Technical interview prep
  5. Finding common language
  6. Managing competing priorities
  7. Change control coordination
  8. Evidence access negotiation
  9. Remediation ownership
  10. Validation follow up
  11. Status transparency
  12. Post-audit feedback
Module 4. Designing repeatable control assessments
Create standardized templates and workflows that reduce rework and increase accuracy.
12 chapters in this module
  1. Control testing frameworks
  2. Sample size calculation
  3. Testing frequency rules
  4. Objective evidence types
  5. Automatable checks
  6. Manual verification steps
  7. Consistency across teams
  8. Version control for tests
  9. Reviewer calibration
  10. Deficiency categorization
  11. Remediation tracking
  12. Audit trail completeness
Module 5. Documentation that survives scrutiny
Produce clear, complete, and credible audit packages that stand up to regulator review.
12 chapters in this module
  1. Policy alignment
  2. Procedure writing
  3. Narrative clarity
  4. Exhibit organization
  5. Cross-referencing controls
  6. Version management
  7. Retention policies
  8. Storage locations
  9. Access controls
  10. Reviewer annotations
  11. Executive summaries
  12. Glossary inclusion
Module 6. Managing third party service providers
Extend PCI DSS requirements confidently to vendors and cloud partners.
12 chapters in this module
  1. Vendor risk tiering
  2. Contractual obligations
  3. Attestation of Compliance review
  4. Subservice provider mapping
  5. Cloud provider responsibilities
  6. Shared responsibility models
  7. Penetration testing expectations
  8. Incident response coordination
  9. Audit trail access
  10. Compliance monitoring
  11. Downtime implications
  12. Exit strategies
Module 7. Segregation and network segmentation
Establish and validate secure zones that limit cardholder data exposure.
12 chapters in this module
  1. Flat vs segmented networks
  2. Firewall rule review
  3. DMZ design
  4. Jump host protocols
  5. Data flow analysis
  6. Segmentation testing
  7. Router configuration
  8. Switch port mapping
  9. Wireless access controls
  10. Remote access paths
  11. Encryption in transit
  12. Logging requirements
Module 8. Encryption and key management
Ensure cardholder data is protected at rest and in motion using compliant practices.
12 chapters in this module
  1. Data-at-rest encryption
  2. Data-in-transit standards
  3. TLS version compliance
  4. Certificate lifecycle
  5. Key rotation schedules
  6. Key storage security
  7. HSM integration
  8. Cryptographic algorithm
  9. Key custodian roles
  10. Compromise response
  11. Backup encryption
  12. Legacy system exceptions
Module 9. Access control and user management
Enforce least privilege and trace accountability across all system interactions.
12 chapters in this module
  1. Role based access
  2. User provisioning
  3. Segregation of duties
  4. Password policies
  5. Multi factor authentication
  6. Session timeouts
  7. Access reviews
  8. Privileged account control
  9. Logging user activity
  10. Termination workflows
  11. Emergency access
  12. Monitoring exceptions
Module 10. Vulnerability and penetration testing
Run disciplined, evidence-based tests that validate security posture annually and after changes.
12 chapters in this module
  1. Internal vs external scans
  2. Approved scanning vendors
  3. ASV selection
  4. Frequency rules
  5. False positive handling
  6. Remediation timelines
  7. Pen test scope
  8. Social engineering tests
  9. Physical security checks
  10. Reporting formats
  11. Follow up validation
  12. Executive summaries
Module 11. Incident response readiness
Prepare to act swiftly and correctly if a payment data compromise occurs.
12 chapters in this module
  1. Incident definition
  2. Detection mechanisms
  3. Containment steps
  4. Forensic evidence
  5. Notification timelines
  6. Legal obligations
  7. Customer communication
  8. Regulator reporting
  9. Post event review
  10. Breach simulation
  11. Tabletop exercises
  12. Insurance coordination
Module 12. Sustaining compliance year round
Shift from point-in-time audits to embedded, continuous compliance practices.
12 chapters in this module
  1. Ongoing monitoring
  2. Automated alerts
  3. Quarterly reviews
  4. Change impact analysis
  5. New project onboarding
  6. Training refreshers
  7. Policy updates
  8. Audit trail retention
  9. Leadership reporting
  10. Benchmarking progress
  11. Lessons learned
  12. Program evolution

How this maps to your situation

  • When starting a new PCI DSS cycle
  • When onboarding new third parties
  • When remediating audit findings
  • When designing new payment systems

Before vs. after

Before
PCI DSS work happens in cycles, led by external teams or siloed within security.
After
You lead the internal rhythm of PCI DSS with reusable artefacts and peer trust.

What's included with your purchase

  • 12 modules with 12 chapters each (144 chapters)
  • Downloadable templates and worked examples for every module
  • Hand-built implementation playbook delivered alongside course access
  • 30-day money-back guarantee

Delivery and format

  • Course and learning environment access provisioned within 24 hours of purchase
  • Hand-built implementation playbook delivered alongside course access

Format: Text-based modules and chapters in the Art of Service learning environment, plus downloadable templates and worked examples for every chapter, plus the hand-built implementation playbook delivered alongside course access.

Time investment: Approximately 3 hours per module, designed for completion within 6 weeks with real-world application.

How this compares to the alternatives

Unlike generic compliance courses, this is tailored to project managers in financial services who need to bridge technical control and enterprise delivery, with concrete tools to become the recognized internal expert.

Frequently asked

Who is this course for?
Project Managers and compliance leads in financial services who coordinate PCI DSS assessments and own delivery.
How is the course structured?
12 modules, each containing 12 chapters (144 chapters total).
Does this prepare me for PCI DSS certification?
No. This course focuses on practical execution and leadership of assessments, not exam prep.
$199 one-time. Approximately 3 hours per module, designed for completion within 6 weeks with real-world application..

Within 24 hours your account in the learning environment is provisioned and the tailored implementation playbook is delivered alongside it.

30-day money-back guarantee· 144 chapters· Hand-built playbook included· Account access within 24 hours