SearchSecurity.com Definitions (Powered by WhatIs.com)

Look up tech terms

Powered by: WhatIs.com

Search listings for thousands of IT terms:

Browse tech terms alphabetically:

Look up tech terms

Powered by: WhatIs.com

Search listings for thousands of IT terms:

Browse tech terms alphabetically:

PCI QSA

Show me everything on Enterprise Compliance Tools

Definition-

Payment Card Industry Qualified Security Assessor (PCI QSA) is a designation conferred by the PCI Security Standards Council to individuals it deems qualified to perform PCI assessments and consulting services. 

To qualify as a PCI QSA, an individual must meet information security education requirements, take appropriate training from the PCI Security Standards Council and be employed by an approved PCI security and auditing firm. PCI QSAs must be re-certified annually.

A PCI QSA is hired as an impartial third party by organizations subject to the PCI Data Security Standard to conduct a PCI assessment or advise the organization on how to achieve PCI compliance. During a PCI assessment, the QSA determines whether the organization has met the PCI 12 requirements, either directly or through compensating controls. The QSA then completes a Report on Compliance (ROC) to verify the organization's compliance. The ROC is sent to the organization’s acquiring bank, which then sends it to the appropriate credit card company for verification.


CONTRIBUTORS:Maggie Sullivan

last updated24 Apr 2012


Do you have something to add to this definition? Let us know.

Send your comments to techterms@whatis.com

Related Content

Related glossary terms

Terms from Whatis.com − the technology online dictionary
  • user account provisioning  (searchSecurity.com)
  • User account provisioning is a business process for creating and managing access to resources in an information technology (IT) system. To be effective, an account provisioning process should ensure that the creation of accounts and provisioning of access to software and data is is consistent and simple to administer.
  • Secure Sockets Layer (SSL)  (searchSecurity.com)
  • SSL (Secure Sockets Layer) is a commonly-used protocol for managing the security of a message transmission on the Internet; it uses a program layer located between the Internet's HTTP and TCP program layers.