In order for Binghamton University to comply with the Payment Card Industry Data Security Standard (PCI DSS), a large number of employees must complete training on an annual basis. For 2019, there are 215 regular employees who must be trained. Additionally, there are many student interns that require the training also. The list comprises employees from ITS and campus merchant departments. It also includes employees who may come into contact with credit card data, those who actually process credit cards, those who supervise such employees, and those who supervise entire departments affected by this requirement.
Please note, the employees selected for training are NOT selected by the PCI Compliance Officer nor the Office of Risk Management and Administrative Compliance. Supervisors from numerous departments select which employees require the training based upon the guidelines above. So anyone questioning why they have received the PCI DSS training assignment should speak with their supervisor.
There are two options for completing training, either one of which will satisfy the annual requirement.
Option 1: WeComply training module
This is the same training module that we have used since 2010 with minor updates over the years. All 215 regular employees and all student interns will receive notification from the University Center for Training and Development (UCTD) that they have been assigned the module. The notification will direct you to the WeComply website.
To launch the module from the website, it is recommended that you use Firefox or Chrome. (Not Internet Explorer)
Here are the instructions the UCTD will send you:
- Go to http://training.wecomply.com/wc2/login.aspx
- Enter your username [your BU email address (aka BMAIL)]
- Enter your password [your last name, all in lowercase letters]
- Click the "Sign In" button
- Click on the “PCI-DSS Compliance 2019” module
Option 2: Multiple Choice Quiz
For regular employees who have taken the WeComply training module in the past, you may be able to complete training more quickly by passing a PCI DSS quiz. The quiz can be found on MyCourses and it contains 23 multiple choice questions. Follow the MyCourses instructions under option one above and simply choose the quiz instead of the training module. Almost half of the 23 quiz questions are identical to the questions at the end of the WeComply module. The remaining questions can be found here on our PCI DSS web page or in PCI DSS Newsletters. Please note the following requirements associated with the quiz:
- You must have completed the WeComply training module in the past to be eligible to take the quiz. So, the quiz is not available to new employees in their first year or employees who are new to PCI compliance.
- You must achieve a score of 92% or higher to pass. So, you may only miss two questions maximum. Note: the final question is graded, so please follow the instructions carefully.
- Should you score below 92%, you MUST complete the WeComply Module.
- This option is not available to student interns, regular employees only.
- Before attempting the quiz, you must notify the RMAC office so they can add you to MyCourses.