Qualified Security Assessors (QSAs)
Qualified Security Assessor (QSA) companies are organizations that have been qualified by the Council. Qualified Security Assessors are employees of these organizations who have been certified by the Council to validate an entity’s adherence to the PCI DSS. The Council has qualified over 100 companies and trained and certified over 1500 assessors.
Approved Scanning Vendors (ASVs)
Approved Scanning Vendors (ASVs) are organizations that validate adherence to certain DSS requirements by performing vulnerability scans of Internet facing environments of merchants and service providers. The Council has approved over 130 ASVs.