Need a PCI Qualified Security Assessor? Curious as to how to choose a QSA? First and foremost, make sure the QSA has ample experience in performing on-site PCI DSS Level 1 assessments for merchants and service providers. Additionally, make sure the QSA has ample knowledge of policies and procedures, or can at least point you into the right direction of what policies and procedures should be used to help facilitate compliance for you.
Additionally, talk to the QSA directly and inquire about how he or she conducts the entire PCI assessment and compliance process, from beginning to end, that is, what specific phases or PCI Roadmap to Compliance does he or she follow. What specific areas throughout these phases is the QSA going to assist your organization on.
QSA’s are human, so each has their own respective style on conducting PCI DSS assessments. Talk to them to find out which methodology fits best for your organization.
Compliance with the Payment Card Industry Data Security Standards (PCI DSS) provisions can be costly and time-consuming, you want to pick a QSA who truly understands your needs and challenges for PCI DSS.