[1] The intent of this qualification is for these individuals to receive PCI DSS training so that their qualifying organization has a better understanding of PCI DSS and how it impacts their company.
Becoming an ISA can improve the relationship with Qualified Security Assessors and support the consistent and proper application of PCI DSS measures and controls within the organization.
The PCI SSC's public website can be used to verify ISA employees.
[4] Organizations are required to have an internal audit department and cannot be affiliated with a Qualified Security Assessor or Automated Scanning Vendor (ASV) company in any way.
If the certified individual leaves the company that sponsored them, the certification is no longer valid [5]