Qualified Security Assessor (QSA) Certification

Each of the payment card brands (such as VISA®, MasterCard®, American Express®, etc.) defines what is required for merchants of various levels to meet PCI compliance. Your card processor, service provider or payment card brand will communicate these requirements to you, and they are published on the payment brands’ websites.

The largest “merchants” (an organization who processes, transmits or stores credit card data) and those organizations who have experienced breaches are required to have an on-site assessment annually, and it must be performed by a Qualified Security Assessor (QSA). The QSA must assess, verify and document compliance with the entire PCI Data Security Standard (PCI DSS). The deliverable from this engagement is the official Report on Compliance (ROC).

Secure Enterprise is a QSA and is currently in the process of scheduling 2010 engagements. Depending on where you are in the compliance process, you may find benefit in other PCI consulting services prior to or in combination with the on-site assessment.

Unlike traditional internal auditing organizations, Secure Enterprise adds the value of having performed IT-focused security assessments for many industries and to many compliance standards for 15 years. Our Assessors are practicing IT Security consultants as well as QSAs.