QSA

"QSA" stands for a Qualified Security Assessor (and woe be on all who are ever to utter a phrase "PCI auditor") and such definition brings up a picture of a dude who is out there assessing security.

Anton Chuvakin Blog - "Security Warrior" 2009

Martin McKeay, a QSA and author of the Network Security Blog, recommends looking at new strategies for using end-to-end encryption and "tokenization."

Taking Credit Card Security Seriously 2010

Large companies, and some smaller ones that process a large volume of transactions (particularly if they're doing it on the Web), are required to have an independent review of their processes and systems by a security professional credentialed as a qualified security assessor (QSA).

Taking Credit Card Security Seriously 2010

The following are requirements for eligibility in the SPVA Lab Network: Provide information security evaluations in the POS industry; Authorized Qualified Security Assessor (QSA); Provide evaluations in the PIN entry and device security; Approved by the Payment Card Industry to evaluate compliance with the PCI Data Security Standard (PCI DSS), the Payment Application Data Security Standard (PA DSS) and accredited to test PIN Entry Devices for compliance with the compulsory PCI standards (PCI PED).

unknown title 2011

Security Assessor (QSA) and Payment Application QSA (PA-QSA) that conducts over 1,000 IT audits and assessments annually.

unknown title 2011

(PCI) Qualified Security Assessors (QSA) - today released a security assessment validating that Heartland Payment Systems'

unknown title 2011

These alternative routes to compliance must meet QSA approval, but they may be just temporary fixes or be eliminated by future changes to PCI DSS.

Press Releases Press Guy 2010

The research also reveals that the average cost of annual QSA assessment - excluding technology, operating and staff costs - for the largest merchants (Tier 1) averages $225,000, while 10 percent of these large merchants pay $500,000 or more for QSA audits.

Press Releases Press Guy 2010

These results are now available in the newly released report; PCI DSS Trends 2010 - QSA Insights.

Press Releases Press Guy 2010

"This study is the first ever to analyze PCI DSS compliance trends from the QSA perspective and reveals some very interesting information about the way organizations approach compliance and how they protect sensitive information," says Dr Larry Ponemon, chairman and founder of The Ponemon Institute.

Press Releases Press Guy 2010