Qualified Security Assessor program

E192649

The Qualified Security Assessor program is a PCI Security Standards Council initiative that certifies organizations and individuals to assess and validate merchants’ and service providers’ compliance with PCI Data Security Standards.

All labels observed (2)

How this entity was disambiguated

Statements (48)

Predicate Object
instanceOf PCI SSC program
certification program
administeredBy PCI Security Standards Council
appliesTo merchants
service providers
assessmentType third-party security assessment
certifies Qualified Security Assessor companies
Qualified Security Assessor individuals
documentation QSA program
surface form: QSA Program Guide

QSA Qualification Requirements
focusesOnStandard PCI DSS
surface form: PCI Data Security Standard
geographicScope global
governsActivity onsite review of cardholder data environment
testing of PCI DSS security controls
governsRole Qualified Security Assessor program self-linksurface differs
surface form: Qualified Security Assessor
hasAbbreviation QSA program
hasEligibilityCriterion employer is a PCI SSC-approved QSA company
information security experience
knowledge of payment card industry
hasParticipantType PCI SSC training attendee
QSA company
QSA employee
industryDomain payment card security
objective to improve security of cardholder data
to provide consistent PCI DSS assessments
output Attestation of Compliance
Report on Compliance
purpose to qualify assessors to evaluate PCI DSS compliance
regulatoryContext card brand PCI programs
relatedProgram Approved Scanning Vendor program
Internal Security Assessor program
Payment Application Qualified Security Assessor program
requires adherence to PCI SSC QSA Qualification Requirements
annual requalification
independence from assessed entities
ongoing continuing professional education
organizational quality assurance processes
passing PCI SSC qualification exams
training by PCI Security Standards Council
requiresComplianceWith PCI SSC Code of Professional Responsibility
scopeIncludes assessment of PCI DSS controls
validation of PCI DSS compliance
supportsProcess PCI DSS compliance validation
on-site PCI DSS assessments
usedBy acquiring banks
large merchants
payment card brands
payment processors

How these facts were elicited

Referenced by (3)

Full triples — surface form annotated when it differs from this entity's canonical label.

PCI Security Standards Council managesProgram Qualified Security Assessor program
PCI DSS complianceValidatedBy Qualified Security Assessor program
this entity surface form: Qualified Security Assessor
Qualified Security Assessor program governsRole Qualified Security Assessor program self-linksurface differs
this entity surface form: Qualified Security Assessor