Merchant Feedback Forms

Your Feedback Is Important

The PCI Security Standards Council urges all merchants and service providers (and others as appropriate) to fill out and return QSA and ASV Quality Feedback Forms after an engagement has been completed. Because payment card data security is so important, it’s critical that the highest levels of quality and professionalism are employed during audits and scans. In addition to rigorous required training and annual re-certification, the performance of each security professional company and individual is regularly evaluated, and your feedback is key to creating a complete picture.

QSAs and ASVs are contractually obligated to provide feedback forms to all of their clients upon completion of services, and links to the forms are also available in the document library. Your completed forms should be submitted directly to the Council at qsa@pcisecuritystandards.org or asv@pcisecuritystandards.org, respectively.

The Council will consider all feedback regarding QSAs/ASVs and will address any issues as needed on an individual basis. If a QSA or ASV is judged to be deficient in his or her efforts, the Council will recommend measures for improvement. If sufficient improvement is not made, the result could be disqualification for the QSA or ASV and removal from the website list.

If improvement is needed, the sooner it can be addressed, the better – the safety of large amounts of payment card data could depend on it. But if we don’t have the necessary feedback to begin with, we can’t fix any problems: please make sure to submit the Feedback Forms. Thank you for your help.