SecureState Obtains PA-QSA Designation

Information Security Company Certified by the PCI Council

(Cleveland, Ohio) SecureState, an information security firm, is pleased to announce its designation as a Payment Application Qualified Security Assessor (PA-QSA), certified by the Payment Card Industry Security Standards Council (PCI SSC).

PA-QSA companies are organizations that have been qualified by the PCI Council to have their employees assess compliance to the PCI PA-DSS standard. PA-QSAs are employees of these organizations who have been certified by the Council to validate an entity’s adherence to the PCI PA-DSS.

As a PA-QSA, SecureState has the knowledge and expertise required by the PCI SSC to perform a RoV –Report on Validation. Before the RoV is undertaken, SecureState strongly recommends a PCI PA-DSS Gap Assessment to help to prepare for the assessment. In addition, SecureState can review and write the entire Implementation Guide (as required by PA-DSS) for the specific payment application.

The PCI Security Standards Council maintains an in-depth program for security companies seeking to be certified as PA-QSAs, as well as to be re-certified as PA-QSAs each year.

SecureState’s PA-QSA application experts are qualified to review an organization’s Implementation Guide, interview key members of the development team, and perform the required technical assessments for PA-DSS compliance. SecureState then issues an RoV, which describes the payment application in detail, including data flows, network diagrams, and any other pertinent information as required by the PCI-SSC.

You must have a PCI Report on Validation performed if you are a software vendor who develops a payment application that stores, processes, or transmits cardholder data as part of the authorization or settlement process, where the application is sold, distributed, or licensed to third parties.

About SecureState

SecureState provides information security assessments and information protection to help our clients obtain and maintain their desired state of security. SecureState information protection consultants work to provide the very best physical, logical and personnel security services through audit and compliance, attack and penetration tests, data forensics, and security program building. Our clients span a variety of industries giving SecureState the experience of working in unique environments. We take that experience, combined with our consultants' experience of working for Military Intelligence, Big X Consulting, government agencies and various other law enforcement entities, and apply it to your organization.