The PCI Security Standards Council operates an in-depth program for security companies seeking to become Qualified Security Assessors (QSAs), and to be re-certified each year. The five founding members of the Council recognize the QSAs certified by the PCI Security Standards Council as being qualified to assess compliance to the PCI DSS standard.

Qualified Security Assessor (QSA) companies are independent security organizations that have been qualified by the PCI Security Standards Council to validate an entity’s adherence to PCI DSS. QSA Employees are individuals who are employed by a QSA Company and have satisfied and continue to satisfy all QSA Requirements.

Qualified Security Assessor (QSA) training is a two-part program. The first is a five-hour prerequisite course and exam on PCI Fundamentals. It’s followed by an in-depth course and exam delivered virtually or in-person. PCI Fundamentals assures that all candidates attending the QSA training course have the same baseline understanding.

PCI安全标准委员会严格的维护了合格安全性评估机构（QSA：Qualified Security Assessors）的授权评估体系，面向收单银行、商户、服务提供商等支付产业相关机构提供安全扫描和评估服务，并出具符合性报告。

2023年8月4日 · Qualified Security Assessor (QSA) training is a two-part program. The first is a seven-hour prerequisite course and exam on PCI Fundamentals. It’s followed by an in-depth, two-day instructor-led course and exam. PCI Fundamentals assures that all candidates attending the QSA training course have the same baseline understanding.

Note: QSA Companies must ensure that each of its QSA Employees only works on those PCI SSC Assessments for which the QSA Employee is properly qualified by PCI SSC, has appropriate skills, including technology and language, and has an appropriate understanding of the customer’s/client’s business.

Qualified Security Assessor (QSA) is a designation conferred by the PCI Security Standards Council to those individuals that meet specific information security education requirements, have taken the appropriate training from the PCI Security Standards Council, are employees of a Qualified Security Assessor (QSA) company approved PCI security ...

When you’re dealing with PCI DSS compliance, the terms QSA and QSAC come up a lot. So what are they? It’s a good question, because the term ‘QSA’ can refer to at least 3 related things. The term QSA itself stands for Qualified Security Assessor, which is a qualification issued by the PCI Security Standards Council.

Because the quality of PCI DSS validation assessments can have a tremendous impact on the consistent and proper application of security measures and controls, the PCI Security Standards Council's QSA qualification requirements are exacting and detailed, involving both the security companies and their individual employees.

Qualified Security Assessor (QSA) companies are independent security organizations that have been qualified by the PCI Security Standards Council to validate an entity’s adherence to PCI DSS. QSA Employees are individuals who are employed by a QSA Company and have satisfied and continue to satisfy all QSA Requirements.