Qualified Security Assessor Companies

Qualified Security Assessor (QSA) companies are organizations that have been qualified by the Council to have their employees assess compliance to the PCI DSS standard. Qualified Security Assessors are employees of these organizations who have been certified by the Council to validate an entity’s adherence to the PCI DSS.

Please note, the PCI Security Standards Council maintains an in-depth program for security companies seeking to be certified as Qualified Security Assessors (QSAs), as well as to be re-certified as QSAs each year.

Certification and re-certification indicate only that the applicable QSA has successfully met all PCI Security Standards Council requirements to perform PCI data security assessments, and the PCI Security Standards Council does not endorse these security solution providers or their business processes or practices.

Although the PCI Security Standards Council strives to ensure that the list of Qualified Security Assessors linked to this page is current, the list is updated frequently and the PCI Security Standards Council cannot guaranty that the list is current at all times. Accordingly, each time a client engages a QSA, the client is advised to check this list on a regular basis to ensure that its QSA has successfully maintained its status as a Qualified Security Assessor.

Please read the Remediation Statement.

Qualified Security Assessors

QSA Companies

Verify a QSA Employee

Zahlungsanwendung QSAs (PA-QSA)

Internal Security Assessors