A qualified security assessor is an individual with training and certification that allows him or her to assess the compliance to industry safety standards of merchants who process credit card purchases. The data belonging to the individuals who own the cards must be protected from theft, which is the main goal of the assessor. In many cases, a qualified security assessor, or QSA, is required to perform audits on merchants to make sure all industry standards are met. To qualify as a QSA, individuals must go through a training process to learn the standards of the Payment Card Industry, or PSI.
Millions of credit card purchases take place every single day, yielding the opportunity for cyber-hackers to steal the data found on credit cards. The prevalence of such theft required the credit card industry to do something about the issue. As a result, the Payment Card Industry formed a Security Standards Council, also known as the PSI SSC, which developed a set of standards to which all merchants who process credit card purchases must adhere. Agents were needed to certify that these compliance efforts were taking place. For this reason, the position of qualified security assessor was initiated to handle these duties.
When merchants process a large number of credit card transactions in a year, they must receive verification that they are indeed compliant with the rules laid down by the PSI SSC. To do that, they must be audited by a qualified security assessor. Once this certification is received, it is passed along to the bank that or financial institution that issues the merchant services account allowing for credit card purchases to take place.
The audit performed by a qualified security assessor is actually one of the last steps in the certification process for merchants. Merchants must also fill out a Self-Assessment Questionnaire, or SAQ, concerning their compliance methods. A QSA studies the results of this questionnaire and makes personal observations based on his or her training to make the final determination.
Becoming a qualified security assessor requires learning the standards of compliance, which were set down in 2006 by the Payment Card Industry. To do this, all individuals seeking to become assessors must complete a training course set up by the PSI SSC which delineates all of the compliance rules and the techniques used by assessors. With this training and their professional experience, these assessors can help assure the public of the safety of credit card transactions.