Risk-based PCI compliance approach

Choosing a QSA company for third-party audits

Organizations that require an annual PCI compliance audit have many options when it comes to choosing a Qualified Security Assessor (QSA) company. While the PCI Security Standards Council validates each QSA company’s adherence to the PCI DSS, there are still differences between QSA companies, their approaches to the audit process, and the resources they can provide.