The PCI Security Standards Council maintains rigorous guidelines for its Software Security Framework Assessors. To that end, it has created a clear-cut program to help all Software Security Framework Assessors uphold a strong profile by following a process that ensures their consistency, credibility, competency and ethics. The quality assurance (QA) program is based on eight guiding principles that the assessor community must adhere to:
When a Software Security Framework Assessor enters remediation within the QA program, it indicates there is a need for the Software Security Framework Assessor to improve in one or more areas of their operations. These areas may include a lack of documentation in a series of reports, failure to meet business expectations with a fully operational internal QA program, or a failure to renew appropriate insurance coverage or other requirements addressed within the Software Security Framework Assessor Qualification Requirements. The PCI Security Standards Council has full confidence in all Software Security Framework Assessors posted on our Website. These organizations have successfully demonstrated years of security experience prior to qualifying, and knowledge of the PCI Software Security Framework Assessor requirements, supplemented with annual training and testing. In short, simply because a Software Security Framework Assessor is in remediation, it does not nullify their knowledge of the PCI Software Security Framework Standards' subject matter. All Software Security Framework Assessors currently in remediation status are working diligently with the Council to return to good standing.
Our website uses both essential and non-essential cookies (further described in our Privacy Policy) to analyze use of our products and services. By clicking “ACCEPT” below, you are agreeing to our use of non-essential cookies to provide third parties with information about your usage and activities. If you click “DECLINE” below, we will continue to use essential cookies for the operation of the website.
