SOURCE: Society of Payment Security Professionals

December 11, 2008 12:00 ET

Society of Payment Security Professionals Introduces New Certification

PARK CITY, UT--(Marketwire - December 11, 2008) - The Society of Payment Security Professionals (SPSP) hosted its first Certified Payment-Card Industry Security Auditor (CPISA) training and certification event last month. The CPISA is the companion certification to the Certified Payment-Card Industry Security Manager (CPISM) certification, which currently has over 150 people certified. The CPISA event was held in conjunction with the CPISM event in Dallas, Texas. Despite being scheduled to begin on Election Day, the training was well attended and well received.

"The bottom line is simple: If your business stores, processes, or transmits payment card data, or provides services to companies that do, you must take this training," said James J. DeLuccia IV, Managing Director at Intellection Strategies, Inc. and author of the book "IT Compliance & Controls." "The certification exams are extremely tough, the material is based on thousands of pages, and the days of training are the primer for your further education. The entire event was tremendously valuable."

The purpose of the CPISA certification is to provide formal recognition for individuals that demonstrate proficiency with Payment-Card Industry data security issues and the techniques and methodologies required to audit controls necessary to protect sensitive data.

The CPISA examination is an extension of the CPISM certification. The CPISM exam covers eight domains: Payment card industry structure, Payment card structure and data, Payment card transaction processing, Compromise fraud statistics and trends, Merchant risk analysis, Laws and the regulatory environment, Payment card security programs and Third party relationships.

The CPISA focuses on information technology, information security, and auditing knowledge and skills, in addition to the skills taught in the CPISM. Examinees are taught information security concepts such as access control models, cryptographic models and their uses, security management practices, security architecture, application and system security, and physical security.

Both certifications are proctored by the Society of Payment Security Professionals, which has grown to over 500 individuals representing a variety of organizations including, banks, auditors, Level 1 Merchants, and QSA firms, throughout 30 countries.

About the Society of Payment Security Professionals

The Society of Payment Security Professionals' objective is to provide individuals and organizations involved in payment security with an online community to share information, and access education and certification opportunities. Society members come from a variety of businesses including card brands, merchants, acquirers, ISOs, and more. Though their organizations may vary, they all share one purpose: to protect sensitive customer data using the most current, viable technologies and processes. The SPSP is managed by The Aegenis Group.

Contact Information

  • Media Contact:

    John Matejka
    Director of Communications
    Society of Payment Security Professionals
    Email Contact
    888-615-3334 ext. 15