PCI Security Standards Council

QSA Training

2008 Training Schedule
Requirements
How to Register
Fees
General Information
Contact Us

2008 Training Schedule

Initial Qualification Training (for new QSAs)

Session

Date

Time

Location

1

15,16 September 2008

08:30-17:30

Prague, Czech Republic - SOLD OUT

2

18,19 September 2008

08:30-17:30

Prague, Czech Republic

3

6,7 October 2008

08:30-17:30

San Juan, Puerto Rico

4

18,19 November 2008

08:30-17:30

San Francisco, USA

Annual Re-qualification Training (for experienced QSAs)

Session

Date

Time

Location

1

17 September 2008

08:30-17:30

Prague, Czech Republic

2

8 October 2008

08:30-17:30

San Juan, Puerto Rico

3

20 November 2008

08:30-17:30

San Francisco, USA

Note: Training dates are subject to change based on demand.


Requirements

In order to attend either of the above trainings your company must already be a validated QSA Company. Please see the Validation Requirements for Qualified Security Assessors (QSAs) v 1.1. for more details.

All training inquiries and assignments must be submitted through your company’s assigned Primary Contact. If you are preparing to attend PCI QSA re-qualification training in 2008, please be aware of the required documentation that your primary contact will need to submit on your behalf.

NEW QSA training documentation requirements:

  • All training inquiries and assignments must be submitted through your company’s primary contact.
  • PCI SSC requires all training attendees to be full time employees of a Validated QSA company.
  • QSA applicant must meet either of the following minimum requirements, and a resume must be submitted reflecting:
    • CISSP, CISA or CISM Certificate, or
    • 5 Years of IT Security experience in a Resume’ format

Re-Qualification QSA training documentation requirements:

  • All training inquiries and assignments must be submitted through your company’s primary contact.
  • PCI SSC requires all training attendees to be full time employees of a Validated QSA company
  • Proof of information systems assessment training within the last 12 months to support professional certifications (even if the employee does not have professional certifications), of a minimum 20 Continuing Education (CE) hours per year and 120 Continuing Education (CE) hours over the rolling three year period. Training provided by PCI SSC will count towards the annual CE hours. Click here for information on activities that qualify for CE Hours.

How to Register

All trainings must be submitted by the QSA Company Assigned Primary Contact.  An email with the following information should be sent to the QSA Program Manager at: qsa@pcisecuritystandards.org.

NEW QSA Training

  • Name of employee
  • Location and Date of QSA Training
  • Required Documentation: QSA applicant must be able to show either of the following two items:
    • CISSP, CISA or CISM Certificate
      OR
    • 5 Years of IT Security experience in a Resume’ format

Re-Qualification QSA training

  • Name of employee
  • Location and Date of QSA Training
  • Required Documentation: Proof of information systems assessment training within the last 12 months to support professional certifications (even if the employee does not have professional certifications), of a minimum 20 Continuing Education (CE) hours per year and 120 Continuing Education (CE) hours over the rolling three year period. This is in addition to training provided by PCI SSC. Click here for information on activities that qualify for CE Hours.

For CE Hours please submit the following information in either an email using the format below or by submitting the attached form (click here to download form):

Name of Employee Title or Name of Program/Course Date Location CE Hours

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 
  • Name
  • Title or Name of Program/Course
  • Date(s)
  • Location
  • CE Hours Earned (Click here for information on how to calculate CE hours)

**QSAs will not be assigned a seat in QSA re-qualification training until this proof is received by PCI SSC.

Fees

Please be aware of changes that have been made to the training fees for 2008.

All QSA Companies pay a fee of $500 USD for training through June 30, 2008. Please be aware that the following changes have been made to the training fees for 2008 beginning on July 1, 2008.

Region New QSA Training Fee per Individual Re-qualification QSA Training Fee per Individual
Asia Pacific

$500 USD

$500 USD

Canada

$1,250 USD

$995 USD

Central Europe, Middle East, and Africa

$500 USD

$500 USD

Europe

$1,250 USD

$995 USD

Latin America and the
Caribbean

$500 USD

$500 USD

USA

$1,250 USD

$995 USD

All training fees are NON-REFUNDABLE and NON-TRANSFERABLE. Please pay close attention when scheduling your employees for training

For a list of the Regions and associated countries, please go to: Regional Countries

General Information Regarding Training

  • Training Times 8:30 AM – 5:30 PM (17:30).  This is the same for both training sessions; new and re-qualification.  Both of these classes end with a test being administered, we strongly recommend you set your flights to allow ample time to take the test and meet your flight.
  • The only materials you will need to bring are writing utensils for any notes you wish to take. Only hand written notes will be allowed, no electronic devices can be used during the exam.
  • The exact location of each training session is sent to the Primary Contact only, and is sent approximately 30 days prior to the session being held.
  • PCI SSC does not negotiate or “block” room rates for any hotel location that may host a training session. All rooms are subject to the hotel rates.
  • Prior to attending either PCI training session it is strongly recommended you familiarize yourself with the following publications:
    • PCI Glossary
    • PCI DSS
    • PCI Self Assessment Questionaire (SAQ) and its accompanying FAQ
    • PCI DSS Audit Procedures

Test Results: The Primary Contact at the QSA Company will be notified two weeks after the QSA attends and takes the PCI QSA test. Employees who fail may retake the training and test, upon payment of a re-test fee. If the employees pass, the QSA Company will be sent a certificate that validates the employee for the next 12 months.

Hiring or employing a QSA does not assume the Company has met all of the PCI SSC validation requirements.