Confessions of the QSA: An Introduction to the Payment Card Industry Data Security Standard

 

As most in the industry know, a QSA must get certified by the PCI Security Standards Security Council to audit merchants for Payment Card Industry Data Security Standard (PCI DSS) compliance. Created in 2004 by major credit card brands, such as Visa and American Express, the council acts as a form of self-regulation.

So, how did Weaver become an expert on PCI, and what types of solutions does it offer its clients?

On this episode of Weaver: Beyond The Numbers, host Tyler Kern talked with Trip Hillman, Director of Cyber Security Services at Weaver, and Kyle Morris, Manager of IT at Advisory Services at Weaver. The trio dug into insights from Weaver’s Quality Security Assessor and explored how Weaver dove headfirst into PCI.

The PCI DSS applies to organizations that store, process, transmit or could affect the security of cardholder data. Companies that fall under this standard could do a variety of things, such as an annual self-assessment questionnaire, or bring in a third-party, independent QSA to do a full-blown report on compliance audit.

Morris is a QSA and started at Weaver about eight years ago. A few years into his career, they had a client, a service provider, start getting asked by their customers if they knew anything about PCI and the report on compliance. At the time, they hadn’t done anything with it, but decided to figure it out. That morphed into Weaver diving headfirst into PCI.

“We help people with self-assessment questionnaires or SAQs and everything from full-on ROCs for Fortune 50 Cloud Providers to small merchants to SaaS solutions,” Morris said.

Follow us on social media for the latest updates in B2B!

Image

Latest

mentorship
WAVIT’s Mentorship Program: Cyndie Nelson on Building Careers Through Guidance
July 19, 2025

The AV industry, like many others in tech, often thrives on innovation—but it’s mentorship that sustains it. Behind every successful professional is often a mentor who provided guidance, shared hard-earned lessons, and opened doors that might have otherwise stayed shut. Programs like WAVIT (Women in AV/IT) bring this spirit of mentorship into focus by intentionally…

Read More
mentorship
Empowering Innovation: Kim Porter’s Role in the WAVIT Mentorship Program
July 19, 2025

In an industry where innovation often hinges on experience, mentorship is the bridge that connects the wisdom of the past with the promise of the future. Engineering, especially in the mechanical domain, is traditionally seen as a discipline of precision, but its culture is just as vital as its calculations. That’s why programs like WAVIT’s…

Read More
mentorship
Passion, Power, and the Mentorship Paradigm Shift in Tech
July 19, 2025

In today’s rapidly evolving tech world, mentorship has emerged as more than a professional development tool—it’s a powerful human connection that fosters resilience, purpose, and authenticity. Particularly for women in engineering and STEM, mentorship isn’t just about career guidance; it’s a lifeline to navigating environments where their voices may still fight to be heard. While…

Read More
AV
Lessons in Leadership: Mitek’s Cyndie Nelson on the Power of Mentoring Women in AV Technology
July 19, 2025

Mentorship has long been considered a cornerstone of professional development, but in the fast-evolving world of AV technology and sales, its value has never been more evident. The unspoken nuances of tradecraft—those bits of wisdom not found in textbooks—are often only accessible through the lived experience of mentors. Particularly for women in traditionally male-dominated industries,…

Read More