An organization that is certified by the PCI Security Standards Council to perform PCI data security assessments. Employees must be trained and tested in order to certify the organization. See
Internal Security Assessor,
Approved Scanning Vendor and
PCI-DSS.