Qualified Security Assessor (QSA)
BEW Global has developed a strategic partnership with Security Horizon, Inc. to perform the PCI QSA (Payment Card Industry Qualified Security Assessor) services required by the PCI DSS (Data Security Standard) for qualifying Merchants and Service Providers. Through this partnership, BEW Global can provide PCI DSS QSA services across the US, Europe and Asia. As a PCI QSA, Security Horizon has completed a rigorous process to become a Qualified Security Assessor and is required annually to demonstrate their expertise by completing additional training and certification programs administered by the PCI Security Council’s designated training center. Security Horizon's QSA Consultants are qualified to perform onsite audits and are driven to incorporate the customers’ specific requirements.
QSA Pre-Audit Assessment Services
A full QSA audit can sometimes take weeks to complete. We can perform a Pre-Audit Compliance check in order to maximize the success of the QSA audit, or even to provide a second opinion before submitting a Self-Assessment Questionnaire SAQ. While this service does not collect the same level of evidence as a full QSA Audit, the intent, depth, and scope of the requirments will be shown along with advice and guidance to indicate the outcome of a full audit.QSA Audit Services (ROC)
Our QSA provides a comprehensive onsite audit as required for all tier 1 and 2 merchants and service providers, and this engagement will lead to the completion of a Report On Compliance (ROc). The audit process is conducted onsite in accordance with both internal quality assurance reporting standards and the PCI Security Standards Council's guidance. Evidence of the client's compliance with each requirments is gathered via relevant mechanisms including interview, system testing, analysis, policy audits, process assessments, and controls. Our team always seeks to build strong customer relations so that any issue can be dealt with as soon as they arise rather than waiting until the end of the audit process.
The partnership between BEW Global and Security Horizon allows our customers to obtain a full suite of PCI DSS compliance solutions including the following:
| PCI DSS Services | |
|---|---|
| PCI DSS Gap Analysis & SAQ | |
| QSA Pre-Audit | |
| QSA Audit (ROC) | |
| Quarterly ASV Scanning | |
| Annual Penetration Testing | |
| Wireless Vulnerability Assessment | |
| Web Application Vulnerability Assessment |
Customers benefit from the expertise that BEW Global and Security Horizon each bring to an engagement, and yet we are still able to maintain a separation of duties that sustains audit integrity. Unlike many of our competitors who may implement PCI DSS controls and then audit their own work, BEW Global and Security Horizon may manage a project in tandem, but always maintain operational and audit independence of their respective operations. We believe this will benefit our customers by having their environment assessed and controls implemented by one team of experts, and the audit completed by a separate team of arms-length experts.
