Certified Payment-Card Industry Security Manager (CPISM) is an independent payments industry certification governed by the Society of Payment Security Professionals (commonly known as the SPSP). The CPISM is the de facto certification for payment security professionals. This certification is held by members from diverse backgrounds including Level 1 - 4 Merchants, Acquirers, Issuers, QSAs, Processors, Gateways, Service Providers, and Consultants. All CPISM holders are members of the SPSP.
'Society of Payment Security Professionals' Website Defunct.
editThe sites for www.paymentsecuritypros.com as well as the associated www.pcianswers.com are defunct.
Certification Knowledge Domains
editThe CPISM curriculum covers subject matter in a variety of Information Security and Payments Industry topics. The CPISM examination is based on what a collection of topics relevant to payment industry security professionals. The CPISM Knowledge Domains establishes a common framework of payment industry terms and definitions that allow security professionals to discuss and debate matters pertaining to the profession with a common understanding.
The CPISM Knowledge Domains are:[1]
- Payment card industry structure
- Payment card structure and data
- Payment card transaction processing
- Compromise fraud statistics and trends
- Merchant risk analysis
- Laws and the regulatory environment
- Payment card security programs
- Third party relationships
Requirements
editCandidates for the CPISM must meet several requirements:[1]
- First, join the Payment Card Security Community
- Second, provide a resume with current credentials and two letters of reference from industry professionals
- Third, one must pass the CPISM exam
- Upon completion of the exam with a passing grade, the SPSP will issue the CPISM Certificate
Reference Documents
editThe SPSP provides several reference documents for studying and preparing for the CPISM certification: