Text size Increase Font-SizeDecrease Font-SizeReset Font-Size

Payment Application Qualified Security Assessor (PA-QSA) ™

About the Course

Course Description

The Payment Application Qualified Security Assessor (PA-QSA) is rich in knowledge and techniques and includes:

  • PCI Industry Overview – In depth coverage of the payment card industry, the terminology used to describe its key aspects, the flow of data through the various payment card mechanisms and the relationships between the various actors in the process

  • PCI Thresholds and Brand Specific Requirements – Detailed coverage of the classifications and compliance requirements for merchants, service providers and vendors and the various specific requirements imposed by the various card brands

  • PCI –Data Security Specification (DSS) - In-depth training an every aspect of the current DSS including requirements, reasoning and what constitutes compliance with the requirement

  • PCI Code Review and Analysis – In-depth training on executing code reviews and locating non PCI compliant constructs and procedures in applications that implement payment card processing systems

  • PCI Hardware and Communications Infrastructure – In-depth training on the current state of typical devices and connectivity used by organizations to accept payment cards, and communicate with the verification and payment facilities

  • PCI Reporting – In depth training on constructing and filing the necessary compliance reports and techniques for communicating results to those being audited


Back to Top

The PCI Security Standards Council (the "Council") provides a variety of tools, questionnaires, guidance, FAQs, training resources and other materials and information to assist organizations seeking to achieve compliance with its standards (the "Standards"). Third party products and services are also available, but the Council does not endorse or recommend any such third party products or services, and advises all organizations seeking to achieve compliance to become familiar with the Standards and related requirements before purchasing third party products or services. Ultimately, all applicable requirements must be met in order to achieve compliance, regardless of whether or what third party products or services are used.