Schneider Downs Certified as a Qualified Security Assessor (QSA)

Pittsburgh, PA — Schneider Downs announces its certification by the Payment Card Industry (PCI) Security Standards Council as a Qualified Security Assessor (QSA) Company, which grants authorization to provide audit services for merchants and service providers to comply with credit card security standards.

The Payment Card Industry Data Security Standard (PCI DSS) was established as an information security standard for organizations that handle branded credit cards. Merchants of any size that accept cards are required to be compliant with the PCI Security Council security standards. All merchants must complete an annual Self-Assessment Questionnaire (SAQ) and Level 1 merchants, as defined by the PCI Security Standard Council, must obtain an annual Report on Compliance (RoC) from a QSA Company.

As a QSA Company, Schneider Downs is now approved to complete both RoCs for merchants and service providers that require them, as well as attest to the completeness and accuracy of SAQs performed by any merchant that does not require a formal RoC. The firm has historically provided a variety of services to assist with PCI DSS compliance, ranging from scoping of the cardholder data environment to delivering penetration and segmentation testing.

“We are excited to bring the firm’s extensive experience in IT audit and PCI DSS together into this new service offering. Serving as a QSA allows us to help merchants of all sizes stay on the right side of compliance requirements, which ultimately protects consumers. With a continually evolving compliance landscape (a new revision of PCI DSS is anticipated in 2022), it is crucial for companies of all sizes to find a partner that can address all of their needs,” stated Eric Wright, Shareholder. “The QSA designation better positions us to serve our clients and reduce their compliance overhead.” 

The PCI Security Standards Council defines a QSA Company as an independent security organization that has been qualified by the PCI Security Standards Council to validate an entity’s adherence to PCI DSS. QSA Employees are individuals who are employed by a QSA Company and have satisfied and continue to satisfy all QSA Requirements. Schneider Downs is now certified at the company level and has several designated QSA employees who can assist with your PCI audit.

Schneider Downs continues to offer a variety of additional services pertaining to PCI DSS compliance, including:

  • Cardholder data environment (CDE) scoping and reduction
  • PCI DSS gap assessment/readiness
  • Penetration testing
  • Segmentation testing

For more information please visit /cybersecurity/payment-card-industry-data-security-standard-compliance

Schneider Downs PCI DSS Contacts

Eric Wright CPA, CITP –
Sean Thomas CISA, CISSP, CISM –
Timothy Wolfgang CISA, CISSP, CCSFP –

About Schneider Downs & Co., Inc.

Schneider Downs’ IT Risk Advisory professionals help organizations gain valuable insights into their processes and technologies. Our dedicated IT Risk Advisory professionals have experience working with a wide variety of industries and companies of all sizes. We will partner with you to provide comprehensive IT risk advisory reviews that will ensure your organization has effective and efficient technology controls that better align the technology function with their business and risk strategies.

Schneider Downs is a top 60 independent Certified Public Accounting (CPA) firm providing accounting, tax, audit and business consulting services to public and private companies, not-for-profit organizations and global companies.  The firm offers Risk Advisory; Technology Consulting; Software Solutions; Personal Financial Services; Retirement Plan Solutions and Corporate Finance Services.  Schneider Downs is the 13th-largest accounting firm in the Mid-Atlantic region and serves individuals and companies in Pennsylvania (PA), Ohio (OH), West Virginia (WV), New York (NY), Maryland (MD), and additional states in the United States with offices in Pittsburgh, PA, Columbus, OH and Washington D.C.


Get the weekly newsletter with our most recent columns and relevant insights to you.

Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.


Every moment counts. For urgent requests, contact the Schneider Downs digital forensics and incident response team at 1-800-993-8937. For all other requests, please complete the form below.

"*" indicates required fields

This field is for validation purposes and should be left unchanged.