CHAPTER 10: PROCEDURES AND QUALIFICATIONS
The PCI SSC mandates the procedures that must be followed in conducting audits and in carrying out scanning procedures. It also lays down specific requirements for qualification as a QSA or an ASV.
PCI DSS Validation Requirements for Qualified Security Assessors (QSAs) v 1.2.
www.pcisecuritystandards.org/documents/qsa_validation_requirements.pdf
To be recognised as a QSA by the PCI SSC, QSAs must meet or exceed the requirements described in the above document and must also execute the QSA Agreement in Appendix A with the PCI Council. Clients can provide feedback on the effectiveness of the QSA.
QSA Feedback Form
www.pcisecuritystandards.org/approved_companies_providers/qsafeedback1.php
QSA feedback ...