06
Jul
22

PCI DSS v4 Transition Training Arrives

I received an email from the Council today that announced that PCI DSS v4 Transition Training will begin to be available through the PCI Portal the week of July 11 for all current QSAs.

According to their message:

“The training takes between 4-5 hours to complete and is based on documents that are already available:

  • PCI DSS Requirements and Testing Procedures Version 4.0
  • PCI DSS v4.0 Report on Compliance Template
  • PCI DSS v3.2.1 to v4.0 Summary of Changes
  • PCI DSS v4.0 AOCs and SAQs
  • PCI DSS v4.x Report on Compliance Template – Frequently Asked Questions

We recommend assessors download these documents before taking the training course. There will be an exam that follows the training. The exam is an open book, 25 multiple-choice questions, which you will have 60 minutes to complete. The questions are based on the course content and associated documents (listed above). You will be granted access to the exam via the Portal once you have completed the training. Once you pass the exam, with a 75% or higher, the website listings will be updated to reflect that you are now qualified to lead an assessment using PCI DSS v4.0.

Important exam information summarized:

  • 25 multiple-choice questions
  • Open book
  • Available via the Portal after you complete the transition training
  • 60 minutes long
  • 75% or higher score to pass

Once the training is available, you will receive an email with instructions on how to access the training and take the exam.”

Best of luck to everyone on passing this new QSA requirement.

UPDATE: I passed the PCI DSS v4 Transition Training on July 17. A lot of material in the presentations but it is good stuff and I found it very informative. I still have questions about how the tables in section 6 of the ROC work and have asked for additional clarifications. My biggest concern is avoiding the debacle a lot of QSACs went through when we all went through the first AQM process and most ended up in remediation.


2 Responses to “PCI DSS v4 Transition Training Arrives”


  1. 1 mrgray
    July 7, 2022 at 5:52 AM

    Thanks for this. Is it possible for non-QSAs to take the exam? We are self-assessing and I would like to present this level of credibility to my organization.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s


Welcome to the PCI Guru blog. The PCI Guru reserves the right to censor comments as they see fit. Sales people beware! This is not a place to push your goods and services.

July 2022
M T W T F S S
 123
45678910
11121314151617
18192021222324
25262728293031


%d bloggers like this: