PCI Training
In accordance with PCI DSS Requirement 12.6.1, all personnel within the department authorized to handle card payments, whether processing payments, refunding, reconciling, etc. will complete the annual W&M Payment Card Industry DSS training, as well as, the W&M Security Education and Awareness training. The annual PCI DSS training is intended to promote awareness of technical and operational requirements to protect cardholder data.
Upon hire, the department’s business process owner (Merchant Manager) will instruct the new staff to take the W&M PCI DSS Training and the W&M Security Education and Awareness Training. New hires must complete the training prior to handling credit card processes and/or granting access to any ‘swipe’ equipment such as a Clover or online systems such as Touchnet. Thereafter, all personnel must complete the trainings annually. The PCI Team will remind Merchant Managers around or near February of each year to alert staff to take their annual training. Departments are responsible for tracking and maintaining a log of the initial and annual completed training using the W&M PCI Awareness Roster.
Employees can take the training via Cornerstone:
Log into Cornerstone.
In the upper right corner in the search field enter PCI.
Two play lists will appear (in blue).
Employees take the PCI Employee Training
Merchant Managers and backup Merchant Managers take the PCI Management Training.
For students & volunteers, who cannot access Cornerstone, their training will be in Blackboard. Merchant Managers will need to email PCI@wm.edu a listing of names/93#s who need to be enrolled in the PCI Class.
Employees: PCI Training will be accessed through Cornerstone.
Students & Volunteers: PCI Training will be accessed through Blackboard.
Merchant Manager Training: PCI Management Training will be accessed through Cornerstone.
