I received official notice today that I passed the Payment Card Industry (PCI) Security Standards Council (SSC) Data Security Standard (DSS) Qualified Security Assessor (QSA) certification exam.
I guess that now makes me a PCISSCDSSQSA.
I received official notice today that I passed the Payment Card Industry (PCI) Security Standards Council (SSC) Data Security Standard (DSS) Qualified Security Assessor (QSA) certification exam.
I guess that now makes me a PCISSCDSSQSA.
Congratulations. About to sit the exam week after next. Any tips – I hear it is multiple choice format is this correct ?
Re your comments on Data Retention – I could n’t agree with you more. For 7 years I was founder and CTO of a large transaction management company processing about 2 million transactions a day. Securing data is best achieved by Data Elimination.
The “nice to have brigade” always push back on this particularly those who argue that for customer service and chargeback reasons you need ready access to 12-18 months data. The balance between business need and business risk has n’t yet been achieved. I fear more TJXs will have to happen before the “penny drops”
Sorry Hubert, I don’t have any tips other than to make sure you have some real-world PCI experience under your belt before sitting for the exam. Sounds like you should do fine.