Hello,
We're currently looking for a training vendor or online training for our employees on PCI awareness. The trainees would be any employees that interact with credit card information. Has anyone used a training resource that they would recommend?
Thank you,
Sapna
Hi Sapna,
At the last place I worked, we had a consulting firm do a PCI Audit - but they did not do staff training. I would make it part and parcel of staff training in general by emphasizing the that they need to be aware of PCI rules; No writing down credit card numbers, no emailing credit card numbers, blacking out credit card numbers on order forms once they have been input into the system, secure network infrastructure, etc.
In my experience, it is upper management that needs to be on board with PCI compliance, and when they realize the consequences, they usually are. Then it is easier to make the case to the staff that this is an edict from on high. But you might want to start with an audit to see where the gaps in your compliance are to start.
Best,
Susan