Course Outline

Perkenalan

Memahami PCI-DSS

  • Pengantar PCI-DSS
  • Pentingnya kepatuhan PCI-DSS
  • Tujuan utama PCI-DSS

Standar dan Persyaratan PCI-DSS

  • Tinjauan umum persyaratan PCI-DSS
  • 12 persyaratan PCI-DSS
    • Membangun dan memelihara jaringan dan sistem yang aman
    • Lindungi data pemegang kartu
    • Pertahankan program manajemen kerentanan
    • Terapkan langkah-langkah kontrol akses yang kuat
    • Memantau dan menguji jaringan secara teratur
    • Pertahankan kebijakan keamanan informasi

Kepatuhan dan Penilaian PCI-DSS

  • Proses kepatuhan PCI-DSS
  • Peran dan tanggung jawab dalam kepatuhan PCI-DSS
  • Jenis penilaian PCI-DSS (SAQ, ROC)
  • Bekerja dengan Penilai Keamanan Berkualitas (QSA)

Ruang Lingkup dan Segmentasi

  • Mendefinisikan lingkungan data pemegang kartu (CDE)
  • Cakupan PCI-DSS
  • Segmentasi jaringan dan pentingnya

Membangun dan Memelihara Jaringan yang Aman

  • Firewall dan konfigurasi router
  • Mengamankan komponen jaringan
  • Keamanan jaringan nirkabel

Melindungi Data Pemegang Kartu

  • Teknik enkripsi dan penyamaran data
  • Melindungi data pemegang kartu yang tersimpan
  • Transmisi data pemegang kartu yang aman

Memelihara Program Kerentanan Management

  • Pembaruan rutin dan manajemen patch
  • Mengidentifikasi dan mengurangi kerentanan
  • Solusi anti-virus dan anti-malware

Menerapkan Langkah-Langkah Pengendalian yang Kuat Access

  • Access kebijakan dan prosedur pengendalian
  • Mengelola akses dan autentikasi pengguna
  • Kontrol keamanan fisik

Pemantauan dan Pengujian Jaringan Secara Berkala

  • Memantau lalu lintas jaringan dan log
  • Melakukan pemindaian kerentanan
  • Praktik terbaik pengujian penetrasi

Mempertahankan Kebijakan Keamanan Informasi

  • Mengembangkan dan menerapkan kebijakan keamanan
  • Pelatihan kesadaran keamanan bagi karyawan
  • Perencanaan respons insiden

Mempersiapkan Audit PCI-DSS

  • Mempersiapkan dokumentasi dan bukti
  • Melakukan audit internal
  • Mengatasi masalah ketidakpatuhan

Ringkasan dan Langkah Berikutnya

Requirements

  • Memahami konsep pembayaran online
  • Dasar-Dasar Jaringan
  • Dasar-dasar Keamanan Informasi
  • Pengalaman kerja dalam peran TI atau terkait TI
 14 Hours

Number of participants


Price per participant

Open Training Courses require 5+ participants.

Testimonials (4)

The fact that there were practical examples with the content

Smita Hanuman - Standard Bank of SA Ltd
Course - Basel III – Certified Basel Professional

The trainer was extremely clear and concise. Very easy to understand and absorb the information.

Paul Clancy - Rowan Dartington
Course - CGEIT – Certified in the Governance of Enterprise IT

The trainer was very motivated and knowledgeable. The trainer was not only capable of information transfer, she also brought it with humor to lighten the dry theoretical training subject.

Marco van den Berg - ZiuZ Medical B.V.
Course - HIPAA Compliance for Developers

I genuinely enjoyed the real examples of the trainer.

Joana Gomes
Course - Compliance and the Management of Compliance Risk

Upcoming Courses (Minimal 5 peserta)

PCI-DSS Practitioner

2025-05-20 09:30
14 hours
The City Tower
54540000 IDR (Online)
54545454 IDR (Classroom)

PCI-DSS Practitioner

2025-06-03 09:30
14 hours
Centennial Tower
54540000 IDR (Online)
54545454 IDR (Classroom)

PCI-DSS Practitioner

2025-06-17 09:30
14 hours
Grand Slipi Tower
54540000 IDR (Online)
54545454 IDR (Classroom)

PCI-DSS Practitioner

2025-07-01 09:30
14 hours
The City Tower
54540000 IDR (Online)
54545454 IDR (Classroom)

PCI-DSS Practitioner

2025-07-15 09:30
14 hours
Centennial Tower
54540000 IDR (Online)
54545454 IDR (Classroom)

Related Courses

Basel III – Certified Basel Professional

 21 Hours

Keterangan:

Basel III adalah standar regulasi global mengenai kecukupan modal bank, uji ketahanan, dan risiko likuiditas pasar. Setelah awalnya disetujui oleh Komite Basel untuk Pengawasan Perbankan pada tahun 2010–11, perubahan pada The Accord telah memperpanjang penerapannya hingga 31 Maret 2019. Basel III memperkuat persyaratan modal bank dengan meningkatkan likuiditas bank dan mengurangi leverage bank.
Basel III berbeda dari Basel I & II karena ia mensyaratkan tingkat cadangan yang berbeda untuk berbagai bentuk simpanan dan jenis pinjaman lainnya, sehingga ia tidak begitu menggantikan keduanya melainkan berfungsi berdampingan dengan Basel I dan Basel II.
Lanskap yang kompleks dan terus berubah ini bisa jadi sulit untuk diikuti, kursus dan pelatihan kami akan membantu Anda mengelola kemungkinan perubahan dan dampaknya terhadap institusi Anda. Kami terakreditasi dan menjadi mitra pelatihan Basel Certification Institute dan dengan demikian kualitas dan kesesuaian pelatihan dan materi kami dijamin mutakhir dan efektif.

Tujuan:

  • Persiapan untuk Ujian Profesional Basel Bersertifikat.
  • Menentukan strategi dan teknik langsung untuk definisi, pengukuran, analisis, peningkatan, dan pengendalian risiko operasional dalam organisasi perbankan.

Sasaran Pemirsa:

  • Anggota dewan dengan tanggung jawab risiko
  • CRO dan Kepala Risiko Management
  • Anggota Tim Risiko Management
  • Staf kepatuhan, hukum, dan dukungan TI
  • Analis Ekuitas dan Kredit
  • Manajer Portofolio
  • Analis Lembaga Pemeringkat

Ringkasan:

  • Pengantar norma-norma Basel dan amandemen terhadap Kesepakatan Basel (III)
  • Peraturan mengenai risiko pasar, kredit, rekanan dan likuiditas
  • Pengujian stres untuk berbagai ukuran risiko termasuk cara merumuskan dan memberikan pengujian stres
  • Dampak yang mungkin terjadi dari Basel III terhadap industri perbankan internasional, termasuk demonstrasi penerapan praktisnya
  • Perlunya Norma Basel Baru
  • Norma Basel III
  • Tujuan Norma Basel III
  • Basel III – Garis Waktu
Read more...

Certified Fraud Examiner (CFE) Preparation

 70 Hours

Pelatihan langsung yang dipimpin instruktur di Indonesia (online atau di lokasi) ini ditujukan untuk profesional tingkat lanjut yang ingin mendapatkan pemahaman komprehensif tentang konsep pemeriksaan penipuan dan mempersiapkan diri untuk ujian Certified Fraud Examiner (CFE).

Pada akhir pelatihan ini, peserta akan mampu:

  • Dapatkan pengetahuan komprehensif tentang prinsip pemeriksaan penipuan dan proses pemeriksaan penipuan.
  • Belajar mengidentifikasi, menyelidiki, dan mencegah berbagai jenis skema penipuan keuangan.
  • Memahami lingkungan hukum terkait penipuan, termasuk unsur hukum penipuan, undang-undang, dan peraturan terkait.
  • Dapatkan keterampilan praktis dalam melakukan investigasi penipuan, termasuk pengumpulan bukti, teknik wawancara, dan analisis data.
  • Belajar merancang dan menerapkan program pencegahan dan pencegahan penipuan yang efektif dalam organisasi.
  • Dapatkan kepercayaan diri dan pengetahuan agar berhasil lulus ujian Certified Fraud Examiner (CFE).
Read more...

CGEIT – Certified in the Governance of Enterprise IT

 28 Hours

Description:

This four day event (CGEIT training) is the ultimate preparation for exam time and is designed to ensure that you pass the challenging CGEIT exam on your first attempt.
The CGEIT qualification is an internationally recognised symbol of excellence in IT governance awarded by ISACA. It is designed for professionals responsible for managing IT governance or with significant advisory or assurance responsibility for IT governance.
Achieving CGEIT status will provide you with wider recognition in the marketplace, as well as increased influence at executive level.

Objectives:

This seminar has been designed to prepare Delegates for the CGEIT examination by enabling them to supplement their existing knowledge and understanding to be better prepared to pass the exam, as defined by ISACA.

Target Audience:

Our training course is for IT and business professionals, with significant IT governance experience who are undertaking the CGEIT exam.

Read more...

Compliance for Payment Services in Japan

 7 Hours

This instructor-led, live training in Indonesia (online or onsite) is aimed at payment services compliance professionals who wish to create, implement, and enforce a compliance program within an organization.

By the end of this training, participants will be able to:

  • Understand the rules set forth by government regulators for payment service providers.
  • Create the internal policies and procedures needed to satisfy government regulations.
  • Implement a compliance program that adheres to relevant laws.
  • Ensures that all corporate processes and procedures comply with the compliance program.
  • Uphold the business's reputation while protecting it from lawsuits.
Read more...

Cybersecurity Governance, Risk & Compliance (GRC)

 14 Hours

Pelatihan langsung yang dipandu instruktur di Indonesia (online atau di tempat) ini ditujukan untuk profesional keamanan siber tingkat menengah yang ingin meningkatkan pemahaman mereka tentang kerangka kerja GRC dan menerapkannya pada operasi bisnis yang aman dan patuh.

Pada akhir pelatihan ini, peserta akan dapat:

  • Memahami komponen utama tata kelola, risiko, dan kepatuhan keamanan siber.
  • Melakukan penilaian risiko dan mengembangkan strategi mitigasi risiko.
  • Menerapkan langkah-langkah kepatuhan dan mengelola persyaratan peraturan.
  • Mengembangkan dan menegakkan kebijakan dan prosedur keamanan.
Read more...

Governance, Risk Management & Compliance (GRC) Fundamentals

 21 Hours

Course goal:

To ensure that an individual has the core understanding of GRC processes and capabilities, and the skills to integrate governance, performance management, risk management, internal control, and compliance activities.

Overview:

  • GRC Basic terms and definitions
  • Principles of GRC
  • Core components, practices and activities
  • Relationship of GRC to other disciplines
Read more...

HIPAA Compliance for Developers

 7 Hours

HIPAA (Health Insurance Portability and Accountability Act of 1996) is a legislation in the United States that provides provisions for data privacy and security for handling and storing medical information. These guidelines are a good standard to follow in developing health applications, regardless of territory. HIPAA compliant applications are recognized and more trusted globally.

In this instructor-led, live training (remote), participants will learn the fundamentals of HIPAA as they step through a series of hands-on live-lab exercises.

By the end of this training, participants will be able to:

  • Understand the basics of HIPAA
  • Develop health applications that are compliant with HIPAA
  • Use developer tools for HIPAA compliance

Audience

  • Developers
  • Product Managers
  • Data Privacy Officers

Format of the Course

  • Part lecture, part discussion, exercises and heavy hands-on practice.

Note

  • To request a customized training for this course, please contact us to arrange.
Read more...

HiTrust Common Security Framework Compliance

 14 Hours

This instructor-led, live training in Indonesia (online or onsite) is aimed at developers and administrators who wish to produce software and products that are HiTRUST compliant.

By the end of this training, participants will be able to:

  • Understand the key concepts of the HiTrust CSF (Common Security Framework).
  • Identify the HITRUST CSF administrative and security control domains.
  • Learn about the different types of HiTrust assessments and scoring.
  • Understand the certification process and requirements for HiTrust compliance.
  • Know the best practices and tips for adopting the HiTrust approach.
Read more...

Compliance and the Management of Compliance Risk

 21 Hours

Audiance

All staff who need a working knowledge of Compliance and the Management of Risk

Format of the course

A combination of:

  • Facilitated Discussions
  • Slide Presentations
  • Case Studies
  • Examples

Course Objectives

By the end of this course, delegates will be able to:

  • Understand the major facets of Compliance and the national and international efforts being made to manage the risk related to it
  • Define the ways in which a company and its staff might set up a Compliance Risk Management Framework
  • Detail the roles of Compliance Officer and Money Laundering Reporting Officer and how they should be integrated into a business
  • Understand some other “hot spots” in Financial Crime – especially as they relate to International Business, Offshore Centres and High-Net-Worth Clients
Read more...

Related Categories

Image for the Corporate Compliance
Corporate Compliance