SOURCE: Society of Payment Security Professionals

July 15, 2008 09:30 ET

Society of Payment Security Professionals Welcomes the Newest CPISMs: New Standard of Experience and Education for the Payment-Card Industry

PARK CITY, UT--(Marketwire - July 15, 2008) - The Society of Payment Security Professionals (SPSP) proctored the industry's first Certified Payment-Card Industry Security Manager (CPISM) training and examination for more than 55 individuals. In the first months since the debut of the certification, two major acquiring banks and a Qualified Security Assessor have sent almost 100 of their employees through the training and examination. According to Dr. Heather Mark, Ph.D., Executive Director of the Society of Payment Security Professionals, "This marks the adoption of a new standard of experience and education for those that are involved in protecting consumer data in the Payment-Card Industry."

"The protection of consumer data is an initiative that ProPay takes very seriously," said Richard Sorenson, COO of ProPay and newly minted CPISM. "In having our employees sit for both the training and the exam we are able to better inform our clients on issues of data protection. The rigorous certification demonstrates to our clients that we take the protection of their data seriously, and can help them do so as well."

The CPISM exam covers those knowledge domains that have been identified by industry experts as being critical to managing the security or compliance function within the Payment-Card Industry. The domains have been validated by industry stakeholders including major card brands, banks, Qualified Security Assessors, merchants, and service providers to ensure relevance and consistency. The exam was developed using accepted educational and exam development criteria and has been rigorously tested for validity. Applicants were tested on subjects in the following domains:

(1) Payment-card industry structure
(2) Payment-card structure and data
(3) Payment-card transaction processing
(4) Compromise fraud statistics and trends
(5) Merchant risk analysis
(6) Laws and the regulatory environment
(7) Payment-card security programs
(8) Third party relationships

"By having cross-functional teams trained and certified on the protection of consumer data, companies can not only inform their clients on the protection of data, but they can support their internal teams and processes as well," said Dr. Mark. "By leveraging the same trainers that support the PCI SSC, we are able to ensure consistency of messaging and quality of training."

Training was provided by The Aegenis Group. In addition to supporting the CPISM, The Aegenis Group is the worldwide QSA trainer and contracts with the major card brands to train acquirers, merchants, issuers, and service providers on the PCI DSS and card brand programs. Since 2006, The Aegenis Group has trained over 10,000 individuals on payment card security.

In order to sit for the CPISM, individuals must be members in good standing of the Society of Payment Security Professionals, provide a resume containing current credentials in either the Payment-Card Industry or Information Security, and two letters of reference. For more information on the CPISM and other upcoming certifications, visit

About the Society of Payment Security Professionals

The Society of Payment Security Professionals' objective is to provide individuals and organizations involved in payment security with an online community to share information, and access education and certification opportunities. Society members come from a variety of businesses including card brands, merchants, acquirers, ISOs, and more. Though their organizations may vary, they all share one purpose: to protect sensitive customer data using the most current, viable technologies and processes. The SPSP is managed by The Aegenis Group.

About The Aegenis Group

The Aegenis Group specializes in training and consulting in payment security and privacy. The company was founded by experienced members of the Payment Security Industry. Since 2007, The Aegenis Group has trained more than 10,000, including every Qualified Security Assessor (QSA) worldwide, people on issues related to the PCI DSS and Payment Security. The Aegenis Group is contracted with the Payment-Card Industry Security Standards Council to train all Qualified Security Assessors. Additionally, The Aegenis Group has conducted on-site educational seminars on behalf of a major payment card brand, Fortune 500 companies, Big Four consulting firms, Acquiring Banks, Merchants, and others concerned with the protection of consumer data in the Payments Industry.

Contact Information

  • Contact:

    Dr. Heather Mark, Ph.D., CPISM
    Executive Director
    Society of Payment Security Professionals
    Email Contact