SRM Solutions
PCI QSA Qualified Security Assessor
Cyber Security Consultants

The Payment Application Data Security Standard

Our team of PCI QSAs (Qualified Security Assessors) has been delivering projects for over 10 years, all of which have helped organisations at varying levels to understand how to reduce costs while also achieving the compliance required.

Who is the service for?

The Payment Card Industry Data Security Standard applies to virtually every organisation which accepts, transmits, processes or stores any cardholder data, and is aimed at securing that data for customer safety. The standard applies to any number of transactions of different sizes, whether made electronically using a terminal, through a service provider or an ecommerce website, or manually using paper methods.


Because compliance requirements can vary, it is the organisation's responsibility to establish how it should comply with the Payment Card Industry Data Security Standard, not the responsibility of the QSA. The bank associated with the organisation should be able to advise on what is needed to achieve compliance following an assessment. Establishing the exact requirements can be a complex business, so advice should be taken.

What is QSA?

A Qualified Security Assessor (QSA) is a person who has been certified by the PCI Security Standards Council to audit merchants for Payment Card Industry Data Security Standard compliance.

Why use an SRM QSA to achieve Compliance?

SRM holds the certification for undertaking this type of work from its laboratory in the North East. Whatever the nature of the payment application in use, SRM has the experience to help you achieve compliance and register the necessary paperwork with the international standards body, the PCI SSC.

Achieving compliance is no longer just an annual project. New requirements are ensuring that businesses monitor their compliance on a continuous basis. So, is your QSA an expert that you can turn to throughout the year to ensure your organisation is doing all it can to comply with the regulations?

Associated services

PCI DSS Compliance

The SRM PCI DSS compliance team includes leading QSAs who use their wealth of experience to help organisations at all levels to understand not only how to comply but also how to reduce costs.

Virtual CISO™ Virtual ISM™

At SRM we have developed VirtualCISO™ and VirtualISM™, which are totally bespoke services, providing as much or as little as required depending on the individual company.

GDPR Consultants

Our team provides a business-focused service to organisations of all types and sizes, at all ends of the GDPR-readiness spectrum.

PFI Investigation

SRM is one of a handful of companies in the UK retained by the PCI to carry out PFI investigations.
