Drucken Drucken
Textgröße Schriftbild vergrößernSchriftbild verkleinernSchriftbild zurücksetzen

PCI ASV Training

The PCI ASV training program, for staff and security personnel of ASV companies, is comprised of an in-depth eight-hour online course and exam covering the Payment Card Industry (PCI), Payment Card Industry Data Security Standards (PCI DSS) requirements and ASV scan testing procedures. With the knowledge gained in this training, ASV staff will be better equipped to serve their customers in ensuring the quality of scan outputs and providing reports that are complete and accurate.

Course Description
Training Schedule & Fees
Requirements
General Information
Kontakt

Course Description

The course curriculum covers:

  • PCI DSS Program Overview
    Outlines the PCI DSS lifecycle, and the 12 requirements of PCI DSS.
  • Payment Industry Terminology and Relationships
    Provides an overview of the payment industry terminology, key service provider relationships and the transaction flows associated with various payment industry processes.
  • Compliance Validation, Requirements and Process
    Outlines merchant and service provider levels, and validation and reporting requirements for merchant levels and service providers for payment brands associated with PCI SSC.
  • Roles and Responsibilities, ASV Overview and Quality Assurance
    Discusses roles and responsibilities, and covers aspects of external vulnerability scanning, such as overview of the scan process, scoping an ASV scan, the ASV scan solution, scan reporting, and quality assurance.
  • General Requirements for Scanning
    Reviews contracting, scope for ASV scans, procedures for scan customers and ASVs, and the characteristics of scan solutions.
  • Scan Reporting
    Examines scan report contents, reading and interpreting reports, vulnerability reporting, and the Common Vulnerability Scoring System or CVSS.
  • Scanning Vendor Testing and Approval Process
    Details the testing and approval process for ASV companies.

The course concludes with an online exam.

2011 PCI ASV Training Course Schedule and Fees

PCI ASV training is scheduled in two-week blocks that take place twice a month between the 1st to the 14th and the 15th to the 28th.Registering for the training block provides attendees access to the content for the entire two-week period, during which the eight-hour course and exam can be completed at any time.

All course fees are NON-TRANSFERABLE and NON-REFUNDABLE. Payment is required prior to the course. The fee is $995 USD.

Payment Options: An invoice will be issued upon completion of registration and will include instructions to pay by check, credit card or wire transfer.

Requirements for Registering for PCI ASV Training

At this time PCI SSC does not offer ASV qualification to individuals who do not work for validated ASV Companies. You must be a full time employee of an ASV Company in order to register for ASV Training and be qualified as an ASV.
Please see the Validation Requirements for Approved Scanning Vendors v2.0, February 2011 for more details.
Please refer to the PCI Awareness Training page for an optional training opportunity that may meet your needs.

  • All training inquiries and assignments must be submitted through the ASV company’s primary contact.
  • PCI SSC requires all training attendees to be full-time employees of a validated ASV company.
  • ASV applicants must meet and submit a resume reflecting either one of the following minimum requirements:
    • CISSP, CISA or CISM Certificate, or
    • 5 Years of IT Security experience in a Resume’ format
  • A signed copy of the PCI ASV Compliance Test Agreement from the Validation Requirements for Approved Scanning Vendors v2.0, February 2011 will need to be submitted per ASV company, one time only.
  • All ASV companies who have revalidated their ASV status for this year or are expected to revalidate their ASV status for the year prior to June 1, 2011, will need to qualify two ASV staff through the ASV Training by June 15, 2011.  All other ASV companies whose renewal date falls on or after June 1, 2011 will need to qualify two ASV staff through the ASV training prior to their company’s annual renewal date. 

General Information

Attendees have access to the content for the entirety of the two-week block, but the exam must be completed before the two weeks is expired. Attendees will no longer have access to training content after this period.

The primary contact at the ASV company will be notified two weeks after the ASV registers and takes the PCI ASV exam. Employees who fail may retake the training and exam, upon payment of a re-test fee. For each attendee that passes the exam, the ASV Company will receive a certificate that validates the employee for the next 12 months.

Kontakt
If you have any further questions regarding the process for registering your employees for this training, please contact the PCI ASV Program Manager at asv@pcisecuritystandards.org


Certification Programs

Zurück nach oben

Der PCI Security Standards Council (der "Council") bietet verschiedene Funktionen, Fragebögen, Anleitungen, FAQs, Trainingshilfen und andere Materialien und Informationen, um Organisationen bei ihren Bemühungen zu unterstützen, die Standards zu erfüllen (die "Standards"). Fremdprodukte und -dienstleistungen sind ebenso verfügbar, der Council billigt oder empfiehlt jedoch derartige Fremdprodukte oder -dienstleistungen nicht und rät allen Organisationen aus Compliance-Gründen, sich mit den Standards und den entsprechenden Anforderungen vertraut zu machen, ehe Sie Fremdprodukte oder -dienstleistungen erwerben. Und dann müssen unabhängig davon, ob und welche Fremdprodukte verwendet werden, alle geltenden Anforderungen erfüllt sein, um Compliance zu erreichen.
Powered By OneLink