Earlier this month I took my annual QSA re-training and then the re-qualification exam to continue being a QSA (for my third year). For those of you who don't know, the PCI Council requires all QSAs to go through this process each year. The good news is it looks like I'll keep doing this for a while.
The re-qualification training has changed quite a bit. It is computer-based, and it has improved each year. This year there was a lot of focus on PCI version 2.0 changes as well as the supplementary guidelines issued by the Council. The refresher on the actual PCI DSS Requirements was pretty cursory, as you would imagine for a current QSA, but there was some additional material that was quite well done. The test was a series of multiple choice questions on everything PCI and payment cards. My biggest problem was arguing with the test because I could make a case in a couple of instances that several answers were true. I know talking back to a computerized test is neither very useful nor productive, but I felt better. All of which is to say I likely didn't score 100%.
I'm looking forward to another year of blogging, working with my clients, and definitely another year of the Treasury Institute's PCI Workshop. I hope to see many of you there next April.
No comments:
Post a Comment