We are sorry, this event is in the past, registrations are now closed. To view forthcoming events please see the Next Sessions tab or see our Schedule.

The PCI SSC Internal Security Assessor (ISA) Program provides large merchants, acquiring banks, and processors the opportunity to build their internal PCI Security Standards expertise and strengthen their approach to payment data security, as well as increase their efficiency in compliance with the PCI Data Security Standards.

PCI Internal Security Assessor - Manama

LnxImage object

Why Attend

The Internal Security Assessor (ISA) Program assists firms in educating their employees on PCI requirements. The program trains, tests, and qualifies organizations and individuals to assess and validate their company’s adherence to PCI Security Standards. As a PCI qualified ISA, you will gain these benefits:

For you

Support of the proper application of PCI DSS measures and controls
Improve your understanding of PCI DSS and how it can help protect your customer data and your business
Help your organization build internal expertise
Facilitate interaction with a QSA for your organization
Enhance payment card data security and manage compliance costs
Earn CPE credits
In-person engagement and collaboration as well as networking opportunities
Ability to focus on curriculum with fewer distractions in classroom setting
Learn directly from an expert trainers with years of experience in the industry

For your company

Develop internal security expertise for driving and maintaining PCI compliance
Enhance the quality, reliability, and consistency of internal PCI DSS self-assessments
Reduce compliance costs by encouraging development of ongoing security processes

Latest Trainee Ratings

10 out of 10 people would you recommend this training to others.  9 out of 10 people rate LiquidNexxus PCI ISA and PCIP Training Delivery as excellent 

What did you find most useful about the training?

"The Real life Case study that helps you think inline with the material to have a good understanding of the course."
"Classroom discussions and understanding."
"The additional value provided by LiquidNexxus trainers, references to additional materials which not only help with understanding PCI, but provide practical steps to take"
"The Case studies and interaction and teamwork with other trainees was really useful, allowed me to focus on applying the theory"
"Real life experiences, demonstrations by the trainer, Interaction with others and sharing of experiences"

LnxImage object


Employee Education is the Best Defense for Protecting your Organization’s Data Assets. To address concerns about PCI compliance and card data security, the PCI Security Standards Council operates the Internal Security Assessor Program to assist firms seeking to educate their employees on PCI compliance regulations.  The program trains, tests, and certifies organizations and individuals to assess and validate adherence to PCI Security Standards.

The PCI SSC Internal Security Assessor Program provides an opportunity for employees of qualifying organizations to receive PCI DSS training and qualification, to improve the organization's understanding of the PCI DSS, facilitate the organisation's internal PCI DSS self-assessments, and support the consistency of the organisation's internal PCI DSS measures and controls.

Internal Security Assessor training provides an opportunity for individuals to learn how to perform internal assessments for their company and recommend solutions to remediate any PCI compliance issues. Sponsored by their employer to attend this training, an ISA is able to act as liaison with external PCI auditing personnel and manage interactions with a QSA during the assessment process.
The ISA training program outlines best practices and provides tools for implementing controls to protect systems and data and to minimize compliance risk. Through this course, you will become an expert in the requirements for PCI compliance as well as assessment and remediation techniques.

LnxImage object
LnxImage object

Certification Process

There are distinct steps to join as an ISA Sponsor Company and have candidates complete ISA training:

Step 1: Seat Pre-Reservation
Complete a LiquidNexxus reservation form to pre-reserve the attendee seats at the selected instructor-led training session (this guarantees your seats so long as the rest of the application process is completed)

Step 2: Submit Documentation
Submit required Sponsor Company documentation including:
  • Original signed agreement (page 13 of the Qualification Requirements document)
  • Enter your company primary contact information (note, this person will receive all PCI SSC communications)
  • Copy of your company business license (Articles of Incorporation are also acceptable)
  • A fully completed ISA Attestation form (page 16 of the Qualification Requirements Document) for each candidate you wish to send to training
  • Please choose instructor-led format including location and date of the session

Step 3: Application Review
Your application is reviewed and accepted by the PCI SSC (Applications are reviewed within 5 business days of receipt)

Step 4: Payment Confirmation and Pre-requisite PCI Fundamentals Credentials
Upon confirmation from the PCI SSC, LiquidNexxus will issue an invoice * and send it via email to your designated contact.
Upon receipt of payment, the designated primary contact will receive instructions from the PCI SSC for the online pre-requisite portion of the training.

Step 5: Complete the PCI Fundamentals Training & Exam 
The PCI Fundamentals Course is an online prerequisite course that is required to be completed prior to the start of the ISA Training.
The PCI Fundamentals Course is a seven hour online training course and exam. The candidate will receive credentials to access this course in line with the Registration Process described on this page.
If the candidate receives three failing grades for the PCI Fundamentals course, his or her seat at the instructor-led session will be forfeited. If he or she wishes to try again, the candidate will be required to pay the full course fee for a second time and receive a passing grade in the PCI Fundamentals course to be allowed to attend the two-day instructor-led session. There will be no exceptions made and by paying the invoice.
  • NOTE: PCI Fundamentals must be successfully completed one week prior to the start of the on-site training.
Step 6: Final Confirmation
Once the PCI Fundamentals training and test have been passed successfully, LiquidNexxus will send the primary contact will be sent the final timings, location and venue details for the class. (This will not be released until online PCI Fundamentals training has been taken and the test passed.)

Step 7: Examination
Once the training has concluded the candidates will receive appropriate credentials to register with Pearson Vue and book a date for the exam at a testing center (candidates will have 30 days from the conclusion of the course to complete the exam).
Notes: Please carefully review the Qualification Requirements for Internal Security Assessors (ISA), to learn more about the program and locate the documents noted above. All training inquiries and assignments must be submitted through your company's assigned primary contact.
LnxImage object

Who Attends

The ISA course is targeted to internal auditors as well as internal security and risk assessment staff at large merchants/institutions, acquiring banks and processors.

ISA training is intended primarily for individuals who already possess significant relevant security audit and assessment experience including (but not limited to) the following roles:

Internal Auditor
IT Audit Director
Corporate Security Officer
Internal Security Chief
Internal Security Auditor
Director of Security
Network Security
Application Security
System Integration
and Auditing

(ISA candidates must be validated and approved by their Sponsor Organization.)

LnxImage object
LnxImage object


Hundreds of delegates from all over the world have attended LiquidNexxus training sessions. Here are some testimonials related to this course/event.

View More Testimonials


The ISA course is the next step for those candidates who have successfully completed the pre-requisite PCI Fundamentals course. This course builds on the knowledge gained in PCI Fundamentals and delves into the actual PCI DSS requirements and testing procedures. In addition it addresses topics such Report on Compliance (ROC) documentation, QA ROC review, and compensating controls to name just a few. Also included in the instructor-led course are case studies that provide the ISA candidate with a simulation of assessment scenarios that may aid them in solving common problems found in their own environments. A multiple choice exam may be conveniently scheduled at a Pearson VUE Testing Center. Topics of the course include:

What is PCI and what does it mean to companies that must meet compliance with the DSS?
  • Industry overview
  • Terminology
  • Transaction data flow
  • Relationships between various organizations in the process
How the credit card brands differ in their validation and reporting requirements
PCI Data Security Standard (DSS)
  • Overview of 3.2
  • Testing procedures
  • What constitutes compliance
PCI Hardware and Communications Infrastructure
PCI Reporting
Real world examples
  • Overview of compliance issues and mitigation strategies
  • Compensating controls
  • Creating policies
  • Modifying cardholder data environment
LnxImage object
LnxImage object
LnxImage object

Supporting Organisations

This event is supported by the following organisations…

Strategic Partner
Bahrain Institute of Banking & Finance (BIBF)

Bahrain Institute of Banking & Finance (BIBF)

BIBF plays a vital role in the training and development of human capital in the Middle East and North Africa. Our commitment to excellence has strengthened our position as the leading educational provider across all major business disciplines. We serve as a partner to numerous world-class institutions; delivering thought leadership, assessment and training in the areas of Banking, Islamic Finance, Executive Development, Accounting & Finance, Academic, Leadership & Management, Insurance, Information Technology and Communication; resulting in a complete business solution.


Crowne Plaza Bahrain

P.O.Box No. 5831 Diplomatic Area. T: +973 17531122 E: info.cpbahrain@ihg.com, Manama Bahrain

Manama is the capital and largest city of Bahrain, Long an important trading centre in the Persian Gulf. Manama is the focal point of the Bahraini economy, with a recent growth of  Heavy industry such as aluminium smelting, ship repair, and tourism, banking and finance.




Next Sessions

No session planned yet for this course, please click here to contact us.
Inhouse and eLearning available and we are always interested in working with new partners.