テキストのサイズ フォントサイズを大きくするフォントサイズを小さくするフォントサイズをリセットする

承認された会社およびプロバイダ

Overview of QSA, PA-QSA, ASV, ISA, QIR and PCIP Programs

The PCI Security Standards Council operates a number of programs to train, test and certify organizations and individuals to assess and validate adherence to PCI Security Standards.For specifics on each program, click on its heading.

Qualified Security Assessors (QSAs)

Qualified Security Assessor (QSA) companies are organizations that have been qualified by the Council to have their employees assess compliance to the PCI DSS standard.Qualified Security Assessors are employees of these organizations who have been certified by the Council to validate an entity’s adherence to the PCI DSS.

Payment Application Qualified Security Assessors (PA-QSAs)

Payment Application Qualified Security Assessor (PA-QSA) companies are organizations that have been qualified by the Council to have their employees assess compliance to the PCI PA-DSS standard.Payment Application Qualified Security Assessors are employees of these organizations who have been certified by the Council to validate an entity’s adherence to the PCI PA-DSS.

Approved Scanning Vendors (ASVs)

Approved Scanning Vendors (ASVs) are organizations that validate adherence to certain DSS requirements by performing vulnerability scans of Internet facing environments of merchants and service providers.The Council has approved more than 130 ASVs.

Internal Security Assessors (ISAs)

Internal Security Assessor (ISA) sponsor companies are organizations that have been qualified by the Council.The PCI SSC Internal Security Assessor (ISA) Program consists of internal security audit professionals of Sponsor organizations who are qualified through training from the Council to improve their organization’s understanding of the PCI DSS, facilitate the organization’s interactions with QSAs, enhance the quality, reliability, and consistency of the organization’s internal PCI DSS self-assessments, and support the consistent and proper application of PCI DSS measures and controls.

Qualified Integrators and Resellers (QIRs)

The PCI SSC Qualified Integrators and Resellers Program provides an opportunity for eligible professionals of qualifying organizations to receive training and qualification on the secure installation of PA-DSS validated payment applications into merchant environments in a manner that supports PCI DSS compliance.

PCI Forensic Investigator (PFI)

The PCI Forensic Investigator (PFI) program establishes and maintains rules and requirements regarding eligibility, selection and performance of companies that provide forensic investigation services to ensure they meet PCI Security Standards.The PFI program aims to help simplify and expedite procedures for approving and engaging forensic investigators.

Point-to-Point Encryption (P2PE)

Qualified Security Assessors Point to Point Encryption/ (QSA (P2PE)s companies are organizations that have been qualified by the Council to have their employees assess PCI P2PE Solutions.Qualified Security Assessors Point to Point Encryption assessors are employees of these organizations have been certified by the Council to validate P2PE Solutions.

Payment Application Qualified Security Assessors Point to Point Encryption / PA-QSA (P2PE)s are organizations that have been qualified by the Council to have their employees assess PCI P2PE Solutions and Application.PA-QSA (P2PE)s are employees of these organizations who have been certified by the Council to validate P2PE Solutions and P2PE Applications.They are the only assessors who are qualified to perform Domain 2 assessments.

Payment Card Industry Professional (PCIP)™

The Payment Card Industry Professional™ Program provides a personal qualification that stays with you regardless of your employer.This entry-level credential demonstrates your professional awareness and knowledge of the payments security industry, the PCI standards, and supporting documents.

Validated Point-to-Point Encryption (P2PE) Solutions

PCI Recognized Laboratories

PCI-recognized evaluation laboratories are organizations that have been approved by the Council to conduct security evaluations on a range of product types, both hardware and software.For device vendors and manufacturers, the labs perform device testing to validate compliance to the PIN Transaction Security (PTS) requirements and, to facilitate the evaluation process prior to actual testing, offer guidance on device design and compliance assessments.


先頭に戻る

PCI Security Standards Council(以下「PCI SSC」といいます) では、組織が PCI 基準(以下「基準」といいます)との準拠を実現するのに役立つさまざまなツール、問診、ガイダンス、FAQ、トレーニングリソースなどの資料や情報を提供します。第三者の製品およびサービスもご利用になれますが、PCI SSC はそのような第三者の製品またはサービスを推奨または是認するものではありません。また、準拠の実現に努めるあらゆる組織が、第三者の製品またはサービスを購入する前に、基準および関連要件に精通できるよう支援するものではありません。最終的に準拠を達成するには、第三者の製品またはサービスを使用しているかどうか、またはどの第三者の製品やサービスを使用しているかに関わらず、該当するすべての要件を満たす必要があります。
Powered By OneLink