Brown Smith Wallace Achieves Qualified Security Assessor (QSA) Status from the PCI Security Standards Council

After stringent testing and qualification, Larry Newell, Abby Heisserer and Maaria Seider of Brown Smith Wallace’s Risk Advisory Services practice have earned the Qualified Security Assessor (QSA) certification from the Payment Card Industry (PCI) Security Standards Council.

Brown Smith Wallace is the only St. Louis based firm that has staff certified in validating merchant and service provider compliance with the PCI Data Security Standards (DSS). In addition to performing validation services, the team is able to assist clients with their overall compliance process by helping define the PCI scope, perform an assessment, assist with interpretation of the requirements, identify strategy for compliance, and provide recommendations for prioritization and remediation of non-compliant areas.

Brown Smith Wallace's information security and privacy team has been offering information security services, including external vulnerability assessments, attack and penetration testing, internal vulnerability assessments, security risk assessments, security training, PCI DSS compliance, application security reviews, and social engineering tests for over 10 years. “Our team consists of senior level information security and audit professionals; the team’s significant experience and exposure to large, complex information technology environments allows them to conduct these engagements efficiently and, most importantly, results in clients receiving practical, value-added feedback,” said Tony Munns member in charge of information technology risk advisory services.

“Information security continues to be one of the top concerns for our clients, and this important certification allows us to bring additional expertise and best practices to our clients,” said Ted Flom, member in charge of the Risk Advisory Services practice at Brown Smith Wallace. “We are proud to be the only St. Louis based firm that has gone through the rigorous QSA certification process and our clients are benefiting from an expanded service offerings related to information security and data privacy.”

Due to the impact these assessments can have on the consistent and proper application of security measures and controls, qualification requirements are exacting and detailed. These high-level requirements call for both the service providers and their individual employees to be certified. All QSA professionals must be recertified with the PCI Council on an annual basis.

The QSA accreditation program is administered by the PCI Council, founded by American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa International. Its mission is to enhance the security of cardholder data by driving the adoption of the PCI Data Security Standards. Any organization that stores, processes or transmits cardholder data must comply with the security standards.