Regulatory Compliance, Governance and Security

Nov 24 2009   6:51PM GMT

PCI Qualified Security Assessor | How to Choose a QSA



Posted by: Charles Denyer
Tags:
charles denyer
merchants
pci dss readiness assessment
pci roadmap to compliance
qsa
qualified security assessor (QSA)
service providers

Need a PCI Qualified Security Assessor? Curious as to how to choose a QSA? First and foremost, make sure the QSA has ample experience in performing on-site PCI DSS Level 1 assessments for merchants and service providers. Additionally, make sure the QSA has ample knowledge of policies and procedures, or can at least point you into the right direction of what policies and procedures should be used to help facilitate compliance for you.

Additionally, talk to the QSA directly and inquire about how he or she conducts the entire PCI assessment and compliance process, from beginning to end, that is, what specific phases or PCI Roadmap to Compliance does he or she follow. What specific areas throughout these phases is the QSA going to assist your organization on.

QSA’s are human, so each has their own respective style on conducting PCI DSS assessments. Talk to them to find out which methodology fits best for your organization.

Compliance with the Payment Card Industry Data Security Standards (PCI DSS) provisions can be costly and time-consuming, you want to pick a QSA who truly understands your needs and challenges for PCI DSS.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: