Drucken Drucken
Textgröße Schriftbild vergrößernSchriftbild verkleinernSchriftbild zurücksetzen

Zugelassene Firmen und Anbieter

Overview of QSA, PA-QSA, ASV and ISA Programs

The PCI Security Standards Council operates a number of programs to train, test and certify organizations and individuals to assess and validate adherence to PCI Security Standards. For specifics on each program, click on its heading.

Qualified Security Assessors (QSAs)

Qualified Security Assessor (QSA) companies are organizations that have been qualified by the Council to have their employees assess compliance to the PCI DSS standard. Qualified Security Assessors are employees of these organizations who have been certified by the Council to validate an entity’s adherence to the PCI DSS.

Payment Application Qualified Security Assessors (PA-QSAs)

Payment Application Qualified Security Assessor (PA-QSA) companies are organizations that have been qualified by the Council to have their employees assess compliance to the PCI PA-DSS standard. Payment Application Qualified Security Assessors are employees of these organizations who have been certified by the Council to validate an entity’s adherence to the PCI PA-DSS.

Approved Scanning Vendors (ASVs)

Approved Scanning Vendors (ASVs) are organizations that validate adherence to certain DSS requirements by performing vulnerability scans of Internet facing environments of merchants and service providers. The Council has approved more than 130 ASVs.

Internal Security Assessors (ISAs)

Internal Security Assessor (ISA) sponsor companies are organizations that have been qualified by the Council. The PCI SSC Internal Security Assessor (ISA) Program consists of internal security audit professionals of Sponsor organizations who are qualified through training from the Council to improve their organization’s understanding of the PCI DSS, facilitate the organization’s interactions with QSAs, enhance the quality, reliability, and consistency of the organization’s internal PCI DSS self-assessments, and support the consistent and proper application of PCI DSS measures and controls.


Zurück nach oben

Der PCI Security Standards Council (der "Council") bietet verschiedene Funktionen, Fragebögen, Anleitungen, FAQs, Trainingshilfen und andere Materialien und Informationen, um Organisationen bei ihren Bemühungen zu unterstützen, die Standards zu erfüllen (die "Standards"). Fremdprodukte und -dienstleistungen sind ebenso verfügbar, der Council billigt oder empfiehlt jedoch derartige Fremdprodukte oder -dienstleistungen nicht und rät allen Organisationen aus Compliance-Gründen, sich mit den Standards und den entsprechenden Anforderungen vertraut zu machen, ehe Sie Fremdprodukte oder -dienstleistungen erwerben. Und dann müssen unabhängig davon, ob und welche Fremdprodukte verwendet werden, alle geltenden Anforderungen erfüllt sein, um Compliance zu erreichen.
Powered By OneLink