PCI DSS QSA Training – Al-Nafi


PCI DSS QSA Training

The Qualified Security Assessor course will teach you how to perform assessments of merchants and service providers who must comply with the PCI Data Security Standard. The course focuses on the 12 high-level control objectives and corresponding sub-requirements that are required for compliance.


Course Description

This course plays a key role in the wellbeing of National Financial Infrastructure. This is not an official course but is designed by AL Nafi themselves. Successful participants will be given a completion certificate once they complete mock merchant level 1, 2, 3, 4 and service provider PCI DSS audits. The course will be delivered through the alnafi.com online educational portal as part of our timeline courses.

The fundamentals will also be covered to ensure that participants understand all the key requirements:

  • PCI Glossary
  • PCI DSS Self-Assessment Questionnaire (SAQ)
  • Attestation of Compliance (AOC)
  • ROC Reporting for PCI DSS
  • PCI SSC Frequently Asked Questions (FAQs)

Those who attend the training and pass the exam assist in performing assessments and prepare appropriate compliance reports (such as Reports on Compliance (RoC)) required by payment card brands and acquiring banks.
Upon completion of the course, you’ll be able to define the processes involved in payment card processing, understand the PCI DSS requirements and testing procedures, conduct internal PCI DSS assessments, validate compliance, and generate reports.

PCI Fundamentals ensures that all candidates attending the QSA training course have the same baseline understanding. The PCI Fundamentals course must be completed within thirty days of initial access and a minimum of one week prior to the start of an on-site training class.


This prerequisite course covers:

  • Understanding the Payment Card Industry Security Standards Council and its role
  • Defining the processes involved in card processing
  • PCI roles and responsibilities
  • Understanding cardholder data
  • Defining network segmentation
  • PCI DSS assessments

The Qualified Security Assessor course also covers:

  • Payment card industry overview
  • Terminology, transaction data flow
  • Relationships between various organizations in the process
  • Payment card brand validation and reporting requirements
  • PCI Data Security Standard (DSS)
  • Overview of each requirement and testing procedures
  • PCI Hardware and Communications Infrastructure
  • Overview of compliance issues and mitigation strategies
  • Compensating controls
  • PCI Reporting

The instructor-led course also includes 4 case studies as they relate to various merchant types and service providers, providing a simulation of assessment scenarios that may help you solve common problems you may experience when assessing a client’s payment environment.

Those who work for an employer classified as a merchant, service provider or acquiring bank should attend this course. This course will allow them to be an integral part of the team working to get a given organization PCI DSS certified. This course is not a substitute for the official PCI DSS training provided by the PCI Council; rather, it is a way forward for our Nafi members to become PCI DSS assessors and either work in their own country or start their own PCI DSS assessment consulting companies.

Course Delivery Mode

The training will be delivered online via our alnafi.com portal, which is designed to cater to 50 million Nafi members. The portal has all the key features, such as:

  • Watching and tracking videos
  • Progress monitoring
  • Attempting quizzes
  • Submitting assignments
  • Asking questions of the teachers and mentors