Puneet Varma (Editor)

Certified Payment Card Industry Security Auditor

Updated on
Share on FacebookTweet on TwitterShare on LinkedInShare on Reddit

Certified Payment-Card Industry Security Auditor (CPISA) is an independent payments industry certification governed by theSociety of Payment Security Professionals (commonly known as the SPSP). The CPISA focuses on information technology, information security, and auditing knowledge and skills. This certification is held by members from diverse backgrounds including Level 1 - 4 Merchants, Acquirers, Issuers, QSAs, Processors, Gateways, Service Providers, Consultants, and Auditors. All CPISA holders are members of the SPSP and also hold the CPISM certification.


Certification Knowledge Domains

The CPISA curriculum covers subject matter in a variety of Information Security and Payments Industry topics. The CPISA examination is based on what a collection of topics relevant to payment industry security professionals. The CPISA Knowledge Domains establishes a common framework of payment industry terms and definitions that allow security professionals to discuss and debate matters pertaining to the profession with a common understanding.

The CPISA Knowledge Domains are:


Candidates for the CPISA must meet several requirements:

  • First, join the Society of Payment Security Professionals
  • Second, provide a resume with current credentials and two letters of reference from industry professionals. Candidates must also have at least three years of information security or payment industry experience.
  • Third, one must pass the CPISM and CPISA exams
  • Upon completion of the exams with a passing grade, the SPSP will issue the CPISA Certificate
  • References

    Certified Payment-Card Industry Security Auditor Wikipedia

    Similar Topics
    David Bromberg
    Frédéric Niemeyer