Posted by DFM on Feb 14, 2014
PCI DSS QSA

PCI DSS QSA

PCI DSS QSAYou may have seen the abbreviation pci dss qsa and thought that it was just a bunch of nonsense letters put next to each other. You could be forgiven for thinking that, because at first glance it does appear that way. But the abbreviation actually stands for Payment Card Industry Data Security Standard Qualified Security Assessor, which is why it is abbreviated. That is quite a lot to say on a daily basis for the people who actually hold that title, so the abbreviation is kind of nice. This is a status that is given by the Payment Card Industry Security Standards Council, and in order to get it you must have advanced education in information security. You need to have also had training from the Security Standards Council, as well as be an employee of an approved security and auditing firm. Finally, you are required to be performing Payment Card Industry compliance assessments that relate to security of credit card information. The abbreviation pci dss qsa could also be used for individuals who are qualified to conduct Payment Card Industry compliance tests, audits, and consultations. Those who receive this designation will assess firms that use and process credit card data. They will assess the extent to which they are adhering to the Data Security Standard. There are various types of auditing and different reporting requirements that are necessary. In particular, there are twelve high-level control objectives that have to be met directly. For example, one requirement states that storing track data is prohibited and there can be no compensating controls. In general, the requirements are very precise and very detailed. That is because they have a large impact upon the level of security in credit card transactions, which have become the norm in most developed countries, even for small and routine purchases.