The PCI Security Standards Council operates an in-depth program for security companies seeking to become Qualified Security Assessors (QSAs), and to be re-certified each year. The five founding members of the Council recognize the QSAs certified by the PCI Security Standards Council as being qualified to assess compliance to the PCI DSS standard.

Qualified Security Assessor (QSA) companies are independent security organizations that have been qualified by the PCI Security Standards Council to validate an entity’s adherence to PCI DSS. QSA Employees are individuals who are employed by a QSA Company and have satisfied and continue to satisfy all QSA Requirements.

Qualified Security Assessor (QSA) training is a two-part program. The first is a five-hour prerequisite course and exam on PCI Fundamentals. It’s followed by an in-depth course and exam delivered virtually or in-person. PCI Fundamentals assures that all candidates attending the QSA training course have the same baseline understanding.

The primary role of a QSA is to conduct on-site PCI DSS assessments of merchants and service providers. Under the rules of the card brands, level 1 companies are required to have on-site PCI assessments done on an annual basis.

2025年3月5日 · Learn what a PCI Qualified Security Assessor (QSA) does, their role in payment security, and how they help businesses maintain PCI DSS compliance.

2023年8月4日 · Qualified Security Assessor (QSA) training is a two-part program. The first is a seven-hour prerequisite course and exam on PCI Fundamentals. It’s followed by an in-depth, two-day instructor-led course and exam. PCI Fundamentals assures that all candidates attending the QSA training course have the same baseline understanding.

A Qualified Security Assessor (QSA) is a professional certified by the PCI Security Standards Council (PCI SSC) and undertakes the evaluation of an organization’s security measures and assesses their compliance with PCI DSS requirements.

2025年3月17日 · Posted by Alicia Malone on 17 Mar, 2025 in Guidance and Awareness and PCI DSS and PCI SSC and QSA and PCI DSS v4.0 and Artificial Intelligence (AI) Artificial intelligence (AI) is transforming industries, and the PCI Security Standards Council (PCI SSC) has introduced new guidance to support the responsible use of AI in PCI assessments.

2023年5月8日 · Finding a QSA might seem like a daunting task in your PCI DSS compliance journey but this article will help remove the unknowns and guide you through the process. We will help you determine if you need a QSA, why you might want to get a QSA, and how to pick the QSA that’s best for your organization.

Qualified Security Assessor (QSA) companies are independent security organizations that have been qualified by the PCI Security Standards Council to validate an entity’s adherence to PCI DSS. QSA Employees are individuals who are employed by a QSA Company and have satisfied and continue to satisfy all QSA Requirements.