- Transaction volume, customer requirements, or contractual obligations can determine if a self-assessment or independent audit by a QSA is required.
- PCI DSS compliance can be a competitive advantage for service providers
- A sustainable PCI DSS compliance program begins with a sustainable IT environment.
In 2006 the major card brands formed the PCI Security Standards Council (SSC) with the goal of managing the evolution of the Data Security Standard (DSS). Today that has expanded to several other standards and compliance programs. As part of the DSS compliance program, the PCI SSC certifies Qualified Security Assessor (QSA) companies to perform independent audits of merchants and service providers related to the PCI DSS.
