Stampa Stampa
Dimensione testo Aumenta dimensione carattereDiminuisce dimensione carattereReimposta dimensione carattere

QSA Training

Training Schedule
Requirements
How to Register
General Information
Contatti

 

 

2011 New QSA Training Course Schedule

Session
Date
Time
Location
Fee
8
 13-14 July 09:00-17:30 Toronto, Canada $2,000 USD
Sold Out
10
 15-16 September 09:00-17:30 Scottsdale, Arizona, USA $2,000 USD
11
 13-14 October 09:00-17:30 London, United Kingdom $3,000 USD

*Please Note: plus any applicable VAT.
Please note that training fees have increased for some locations due to local area costs.

English QSA Re-qualification fee: $1250 USD

Japanese QSA Re-qualification fee: $2000 USD

NEW FORMAT FOR NEW QSA TRAINING IN 2011

Beginning in 2011 the New QSA training course will have a new look and feel to it to accommodate many of the suggestions the Council has received on the course. The course will consist of two parts: an on-line course followed by a short exam and a two-day instructor-led session ending with an exam.

To register a candidate for a New QSA training course in 2011, the primary contact of the QSA Company must first submit a resume to the Training Coordinator for review with a request for registration in a specific on-site training session. After the resume has been approved, the candidate will be registered for the PCI Fundamentals Course, a four hour on-line training course followed by an exam. The candidate will also be registered for the on-site instructor-led session that the Primary Contact requested. An invoice for the full amount of the course will be issued to the Primary Contact and once it has been paid, login credentials for the on-line PCI Fundamentals Course will be emailed to the Primary Contact with instructions on how to complete the course.

Once the candidate has completed the PCI Fundamentals training and exam, the Primary Contact will be notified of either a passing or failing grade. If the candidate failed the exam, he or she will be allowed one additional attempt to take it and pass without being charged an additional fee. If the candidate passed the exam, the attendee's seat will be confirmed and a confirmation email will be sent to the Primary Contact with complete location details. As a QSA candidate, your seat is not confirmed until your Primary Contact receives a confirmation email.

If the candidate receives two failing grades for the PCI Fundamentals course, his seat at the instructor-led session will be given up. If he wishes to try again, the candidate will be required to pay the full course fee a second time and receive a passing grade in the PCI Fundamentals course to be allowed to attend the two-day instructor-led session. There will be no exceptions made.

SUBSTITUTION POLICY:
If your company needs to substitute one candidate for another due to unforeseen circumstances, the new candidate will be required to complete the PCI Fundamentals course prior to attending the instructor-led session. If the replaced candidate decides to attend a later course, he or she will be required to complete the PCI Fundamentals course before attending the instructor-led session (even if the candidate has previously passed the exam.) PCI SSC will not allow substitutions within one week of the start date of the training session for any reason.

Requirements

At this time PCI SSC does not offer QSA certifications to individuals who do not work for validated QSA Companies. You must be a full time employee of a QSA Company in order to attend QSA Training and be certified as a QSA. Please refer to the PCI Awareness Training page for an optional training opportunity that may meet your needs.

In order to attend any of the above trainings your company must already be a validated QSA Company. Please see the Validation Requirements for Qualified Security Assessors (QSAs) v 1.2. for more details.

If you are preparing to attend PCI QSA re-qualification training in 2011, please be aware of the required documentation that your primary contact will need to submit on your behalf.

NEW QSA training documentation requirements:

  • All training inquiries and assignments must be submitted through the QSA company's primary contact.
  • PCI SSC requires all training attendees to be full time employees of a Validated QSA company.
  • QSA applicants must meet either of the following minimum requirements, and a resume must be submitted reflecting:
    • CISSP, CISA or CISM Certificate, or
    • 5 Years of IT Security experience in a Resume format
  • All QSA Program training attendees must accept and sign the PCI SSC QSA Employee Certification form and submit at the training session.
  • The only document that attendees will be allowed to reference during the test is a translation dictionary if needed.

Re-Qualification QSA training documentation requirements:

Please note that Annual QSA Requalification Training will be held in CBT format.

  • All training inquiries and assignments must be submitted through the QSA company's primary contact.
  • PCI SSC requires all training attendees to be full time employees of a Validated QSA company.
  • Proof of information systems assessment training within the last 12 months to support professional certifications (even if the employee does not have professional certifications), of a minimum 20 Continuing Education (CE) hours per year and 120 Continuing Education (CE) hours over the rolling three year period. Training provided by PCI SSC will count towards the annual CE hours. Click here for information on activities that qualify for CE Hours.
  • Any requalification training request sent without the QSAs CE hours for the past 12 months will not be processed.
  • All QSA Program training attendees will be required to sign and accept the terms of the PCI SSC QSA Employee Certification form at the time they begin the CBT training.
  • Payment of the training invoice must be received before login information will be created and sent to the primary contact.

How to Register

All requalification training requests must be submitted by the QSA Company assigned Primary Contact. An email with the following information should be sent to the QSA Program Manager at: training@pcisecuritystandards.org.

NEW QSA Training

  • Name of employee
  • Location and Date of QSA Training
  • Required Documentation: QSA applicantis resume must be able to show either of the following two items:
    • CISSP, CISA, or CISM Certificate
      OR
    • 5 Years of IT Security experience in a resume format

Re-Qualification QSA training

  • Name of employee
  • Required Documentation: Proof of information systems assessment training within the last 12 months to support professional certifications (even if the employee does not have professional certifications), of a minimum 20 Continuing Education (CE) hours per year and 120 Continuing Education (CE) hours over the rolling three year period. Click here for information on activities that qualify for CE Hours.
    • New QSA Training prior to 2011 is granted 13 CPE hours. New QSA Training in 2011 is granted 15 CPE hours
    • Requal QSA Training is granted 5 CPE hours
      • These must be included in the CPE report sent to the PCI SSC. They will not be added automatically

For CE Hours please submit the following information in either an email using the format below or by submitting the attached form (click here to download form):

Name of Employee
Title or Name of Program/Course
Date
Location
CE Hours

  • Name
  • Title or Name of Program/Course
  • Date(s)
  • Location
  • CE Hours Earned (Click here for information on how to calculate CE hours)

**QSAs will not be assigned a seat in QSA re-qualification training until this proof is received by PCI SSC and the training invoice is paid.

General Information Regarding Training

All training fees are NON-REFUNDABLE and NON-TRANSFERABLE. Confirmation and location details will not be sent intil payment is received. Payment Options: An invoice will be issued upon completion of registration and will include instructions to pay by Check, Credit Card or Wire Transfer.

Training times can vary, you should check the schedule above for the exact time of each class. Both classes end with a test being administered, PCI SSC strongly recommends you set your flights to allow ample time to take the test and meet your flight for NEW QSA classes. Tests will not be administered early for any reason.
The only materials you will need to bring are writing utensils for any notes you wish to take. No electronic devices can be used during the exam. Attendees will not be allowed to reference any training material as the exam is now a closed-book exam.

The exact location of each new QSA training session is sent to the Primary Contact only, and is sent approximately 30 days prior to the session being held, if the training invoice has been paid.

PCI SSC does not negotiate or "block" room rates for any hotel location that may host a training session. All rooms are subject to the hotel rates. All attendees will be responsible for making their own room reservations.
Prior to attending either PCI training session it is strongly recommended you familiarize yourself with the following publications:

  • Glossario PCI
  • PCI DSS
  • PCI Self Assessment Questionaire (SAQ) and the accompanying FAQ
  • PCI DSS Assessment Procedures
  • The PCI website in general and any recent statements submitted in the New & Events section of the website.
Attendance during the entire two day PCI SSC NEW QSA training class is mandatory. Missing more than 30 minutes of the class will automatically result in PCI SSC QSA exam and removal from the class.

PCI SSC will no longer issue training manuals for PCI QSA Annual requalification training and testing. It is recommended that the person taking the online exam keep a copy of the PCI DSS, Glossary and Brand validation levels and requirements with them when they are preparing to sit the exam.

Test Results: The Primary Contact at the QSA Company will be notified two weeks after the QSA attends and takes the PCI QSA exam. Employees who fail may retake the training and exam, upon payment of a re-test fee. For each attendee that passes the exam, the QSA Company will receive a certificate that validates the employee for the next 12 months.

Hiring or employing a QSA does not assume the Company has met all of the PCI SSC validation requirements.

Certification Programs

Inizio pagina

L’ente responsabile degli standard di protezione PCI (l’ “Ente responsabile”) mette a disposizione diversi strumenti, questionari, istruzioni, Domande frequenti (FAQ), risorse per la formazione ed altri materiali ed informazioni per offrire assistenza alle organizzazioni che cercano di ottenere la conformità ai suoi standard (gli “Standard”). Sono disponibili anche prodotti e servizi di terze parti, ma l'Ente responsabile non approva o raccomanda alcuno di tali prodotti o servizi, e consiglia a tutte le organizzazioni che cercano di ottenere la conformità di conoscere gli Standard ed i requisiti correlati prima di acquistare prodotti o servizi di terze parti. In conclusione, per ottenere la conformità è necessario soddisfare tutti i requisiti applicabili, indipendentemente da se e quali prodotti o servizi di terze parti siano utilizzati.
Powered By OneLink