Call us on 03450 21 21 51

PCI QSA Qualified Security Assessor
Cyber Security Consultants

PCI QSA Qualified Security Assessor

The Payment Application Data Security Standard

Assess your business with SRM and prove that you can keep your customers safe.

To show that you have taken all necessary steps to keep your customer card data safe and secure, you need to arrange an assessment from a PCI Qualified Security Assessor – or QSA.

Achieving certification is a rigorous process but at SRM we’re with you all the way. Our team of Qualified Security Assessors have helped organisations of all shapes, sizes and industries to achieve compliance.

Let us help you prove compliance and give your customers confidence in no time. Call us today for a free quote on 03450 21 21 51 or email

Who is the service for?

Applying to virtually every organisation which accepts, transmits, processes or stores any cardholder data the Payment Card Industry Data Security Standard is aimed at securing the data for customer safety. The standard applies to any number of transactions of different sizes, whether electronically using a terminal either through a service provider, ecommerce website or manually using paper methods.

Because compliance requirements can vary it is the organisations responsibility to establish how they should comply with the Payment Card Industry Data Security Standard, not the responsibility of the QSA. The bank associated with the organisation should be able to advise on the needs to achieve compliance following an assessment. It can be a complex business establishing the exact requirements so advice should be taken.

What is QSA?

A Qualified Security Assessor (QSA) is a person who has been certified by the PCI Security Standards Council to audit merchants for Payment Card Industry Data Security Standard compliance.

Why use an SRM QSA to achieve Compliance?

SRM holds the certification for undertaking this type of work from its laboratory in the North East. Whatever the nature of payment application in use, SRM has the experience to help you achieve compliance and register the necessary paperwork with the international standards body, the PCI SSC.

Achieving compliance is no longer just an annual project. New requirements are ensuring that businesses are monitoring their compliance on a continuous basis. So, is your QSA an expert that you can turn to throughout the year to ensure your organisation is doing all it can to comply with the regulations? Read more in our blog here.

Associated services

PCI DSS Compliance

PCI DSS Compliance

The SRM PCI DSS compliance team includes leading QSAs who use their wealth of experience to help organisations at all levels to understand not only how to comply but also how to reduce costs.

Virtual CISO ™ Virtual ISM ™

Virtual CISO ™ Virtual ISM ™

At SRM we have developed VirtualCISO™ and VirtualISM™, which are totally bespoke services, providing as much or as little as required depending on the individual company.

GDPR Consultants

GDPR Consultants

Our team provides a business-focused service to organisations of all types and size, at all ends of the GDPR-readiness spectrum.

PFI Investigation

PFI Investigation

SRM is one of a handful of companies in the UK retained by the PCI to carry out PFI investigations.

Related articles

How can we be compliant in a cost-effective manner with the PCI DSS?

Achieving PCI compliance is vital for all businesses that accept card payments, but what’s the best way to get started when you are trying to keep costs down in..

Support for Magento 1 is set to end in just over a month. What does this mean for your business?

Businesses using Magento 1 have a decision to make before June. Here are the options and the Magento PCI compliance implications to be aware of. First released to the..

Katie McMillan: on achieving ISO 27001 and QSA qualifications and the challenges facing women in IT

Katie McMillan stands out in the world of Information Security. Not only does she represent one of the growing number of women working in the sector, she also gained..

Back to top