Tamaño del texto Aumentar el tamaño de la letraDisminuir el tamaño de la letraRestablecer el tamaño de la letra

Empresas y proveedores aprobados

Overview of QSA, PA-QSA, ASV, ISA, QIR and PCIP Programs

The PCI Security Standards Council operates a number of programs to train, test and certify organizations and individuals to assess and validate adherence to PCI Security Standards. For specifics on each program, click on its heading.

Qualified Security Assessors (QSAs)

Qualified Security Assessor (QSA) companies are organizations that have been qualified by the Council to have their employees assess compliance to the PCI DSS standard. Qualified Security Assessors are employees of these organizations who have been certified by the Council to validate an entity’s adherence to the PCI DSS.

Payment Application Qualified Security Assessors (PA-QSAs)

Payment Application Qualified Security Assessor (PA-QSA) companies are organizations that have been qualified by the Council to have their employees assess compliance to the PCI PA-DSS standard. Payment Application Qualified Security Assessors are employees of these organizations who have been certified by the Council to validate an entity’s adherence to the PCI PA-DSS.

Approved Scanning Vendors (ASVs)

Approved Scanning Vendors (ASVs) are organizations that validate adherence to certain DSS requirements by performing vulnerability scans of Internet facing environments of merchants and service providers. The Council has approved more than 130 ASVs.

Internal Security Assessors (ISAs)

Internal Security Assessor (ISA) sponsor companies are organizations that have been qualified by the Council. The PCI SSC Internal Security Assessor (ISA) Program consists of internal security audit professionals of Sponsor organizations who are qualified through training from the Council to improve their organization’s understanding of the PCI DSS, facilitate the organization’s interactions with QSAs, enhance the quality, reliability, and consistency of the organization’s internal PCI DSS self-assessments, and support the consistent and proper application of PCI DSS measures and controls.

Qualified Integrators and Resellers (QIRs)

The PCI SSC Qualified Integrators and Resellers Program provides an opportunity for eligible professionals of qualifying organizations to receive training and qualification on the secure installation of PA-DSS validated payment applications into merchant environments in a manner that supports PCI DSS compliance.

PCI Forensic Investigator (PFI)

The PCI Forensic Investigator (PFI) program establishes and maintains rules and requirements regarding eligibility, selection and performance of companies that provide forensic investigation services to ensure they meet PCI Security Standards. The PFI program aims to help simplify and expedite procedures for approving and engaging forensic investigators.

Point-to-Point Encryption (P2PE)

Qualified Security Assessors Point to Point Encryption/ (QSA (P2PE)s companies are organizations that have been qualified by the Council to have their employees assess PCI P2PE Solutions. Qualified Security Assessors Point to Point Encryption assessors are employees of these organizations have been certified by the Council to validate P2PE Solutions.

Payment Application Qualified Security Assessors Point to Point Encryption / PA-QSA (P2PE)s are organizations that have been qualified by the Council to have their employees assess PCI P2PE Solutions and Application. PA-QSA (P2PE)s are employees of these organizations who have been certified by the Council to validate P2PE Solutions and P2PE Applications. They are the only assessors who are qualified to perform Domain 2 assessments.

Payment Card Industry Professional (PCIP)™

The Payment Card Industry Professional™ Program provides a personal qualification that stays with you regardless of your employer. This entry-level credential demonstrates your professional awareness and knowledge of the payments security industry, the PCI standards, and supporting documents.

Soluciones P2PE validadas

PCI Recognized Laboratories

PCI-recognized evaluation laboratories are organizations that have been approved by the Council to conduct security evaluations on a range of product types, both hardware and software. For device vendors and manufacturers, the labs perform device testing to validate compliance to the PIN Transaction Security (PTS) requirements and, to facilitate the evaluation process prior to actual testing, offer guidance on device design and compliance assessments.


Volver al principio

El PCI Security Standards Council (el "Concejo") proporciona una serie de herramientas, cuestionarios, orientación, preguntas frecuentes, recursos de capacitación y otros materiales e información para prestar asistencia a organizaciones que buscan el cumplimiento de sus normas (las "Normas"). También hay productos y servicios de terceros disponibles, pero el Concejo no respalda ni recomienda tales productos o servicios de terceros, y recomienda a todas las organizaciones que buscan el cumplimiento de las Normas familiarizarse con las mismas y sus requisitos relacionados antes de adquirir productos o servicios de terceros. En última instancia, se deben cumplir todos los requisitos aplicables a fin de lograr el cumplimiento, independientemente de si se utilizan productos o servicios de terceros o de cuáles sean.
Powered By OneLink