Discuss Roles in a PCI DSS Security Assessment
The primary roles involved in a Payment Card Industry Data Security Standard (PCI DSS) security assessment are merchant, merchant's security personnel, merchant's networking personnel, service providers (if any), payment brand (such as Visa and MasterCard), and Qualified Security Assessor (QSA). Research the Internet using the keywords PCI DSS along with the name of each role. Then discuss the following with your classmates on the forum:
What is the purpose of a PCI DSS security assessment? What is the main responsibility of each PCI DSS role?
What tasks does each role perform during a PCI DSS security assessment? Describe at least two tasks per role.
Do you think that every merchant must be evaluated by a QSA for compliance with PCI DSS? Why or why not?