Regulatory Compliance, Governance and Security

Nov 24 2009   6:51PM GMT

PCI Qualified Security Assessor | How to Choose a QSA



Need a PCI Qualified Security Assessor? Curious as to how to choose a QSA? First and foremost, make sure the QSA has ample experience in performing on-site PCI DSS Level 1 assessments for merchants and service providers. Additionally, make sure the QSA has ample knowledge of policies and procedures, or can at least point you in the right direction regarding which policies and procedures should be used to help facilitate compliance for you.

Additionally, talk to the QSA directly and ask how he or she conducts the entire PCI assessment and compliance process from beginning to end; that is, what specific phases or PCI Roadmap to Compliance does he or she follow? In what specific areas throughout these phases is the QSA going to assist your organization?

QSAs are human, so each has his or her own style of conducting PCI DSS assessments. Talk to them to find out which methodology fits your organization best.

Compliance with the Payment Card Industry Data Security Standards (PCI DSS) provisions can be costly and time-consuming, so you want to pick a QSA who truly understands your needs and challenges for PCI DSS.
