Regulatory Compliance, Governance and Security:

payment card industry security standards council

Jul 24 2009   8:00PM GMT

PCI DSS Compliance | Why You Need a QSA for Level 1 Compliance



Posted by: Charles Denyer

PCI DSS Compliance for Level 1 Merchants and Service Providers is mandatory. In short, if you are a Merchant or Service Provider and have been called upon to become Payment Card Industry Data Security Standards (PCI DSS) compliant, then an on-site assessment by a Qualified Security Assessor (QSA) is what you will need.

A QSA is simply an individual who has gone through the licensing to become an expert in PCI DSS compliance. This is somebody who has been awarded the designation by the Payment Card Industry Security Standards Council, known as the PCI SSC.

For more information about PCI DSS compliance and about hiring a QSA for all your Level 1 needs, visit the official PCI DSS Resource Guide.

And lastly, MasterCard has now strengthened their requirements to make Level 2 merchants also undertake an on-site PCI DSS assessment.

Jun 20 2009   3:31AM GMT

PCI COMPLIANCE



Posted by: Charles Denyer

Payment Card Industry Data Security Standards (PCI DSS) compliance means many different things to many people. And it should, given how complex it is to truly understand what the phrase “PCI Compliance” or being “PCI compliant” really means.

For an ounce of clarity, remember this. All merchants that fall into Level 1 of the transaction volume parameters for PCI will have to undertake an on-site PCI DSS assessment by a Qualified Security Assessor, somebody who has gone through the training and certification process by the Payment Card Industry Security Standards Council (PCI SSC).

“Most” other levels (and I stress most, because there are exceptions) can conduct their own self-assessment for PCI compliance. The word “self” is misleading because most organizations trying to comply will need assistance from a PCI QSA.

To learn more about PCI DSS, visit pciassessment.org.