Definition

PCI QSA

Contributor(s): Maggie Sullivan

Payment Card Industry Qualified Security Assessor (PCI QSA) is a designation conferred by the PCI Security Standards Council to individuals it deems qualified to perform PCI assessments and consulting services. 

To qualify as a PCI QSA, an individual must meet information security education requirements, take appropriate training from the PCI Security Standards Council and be employed by an approved PCI security and auditing firm. PCI QSAs must be re-certified annually.

A PCI QSA is hired as an impartial third party by organizations subject to the PCI Data Security Standard to conduct a PCI assessment or advise the organization on how to achieve PCI compliance. During a PCI assessment, the QSA determines whether the organization has met the PCI 12 requirements, either directly or through compensating controls. The QSA then completes a Report on Compliance (ROC) to verify the organization's compliance. The ROC is sent to the organization’s acquiring bank, which then sends it to the appropriate credit card company for verification.

This was last updated in April 2012

PRO+

Content

Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close