Registration Now Open for Online, Instructor-led SSF Training Classes

Software Security Framework Assessor Companies (SSF Assessor Companies) are independent security organizations that are qualified by PCI SSC to perform assessments to the Secure Software Standard, the Secure Software Lifecycle Standard or both. 

SSF Assessor Company qualification is open to any company that meets the Software Security Framework Assessor Qualification Requirements. It provides an opportunity to become certified to perform assessments under the PCI SSC Software Security Framework (SSF), which includes a methodology for validating software security and a separate secure software lifecycle qualification for vendors with robust security development practices.  

These online classes are available for qualification or informational training: 

2022 eLearning with Remote Instructor-led Training Classes:

  • 7 June - Secure Software Lifecycle Assessor: 9:00 - 17:30 ET 
  • 9 June - Secure Software Assessor : 9:00 - 17:30 ET 
  • 1 November - Secure Software Lifecycle Assessor: 9:00 - 17:30 ET 
  • 3 November - Secure Software Assessor : 9:00 - 17:30 ET 
  • Secure Software Lifecycle Assessor Available for Qualification or Informational 
  • Secure Software Assessor Available for Qualification or Informational 
Request More Information

Eligible organizations can apply now to become SSF Assessor Companies by visiting the Secure SLC Assessor or Secure Software Assessor pages on the PCI SSC website and following the steps outlined in the registration process.

> More info on Secure SLC Assessor
> More info on Secure Software Assessor

Upon completion of training and passing the corresponding exam, you’ll be able to

  • Conduct Secure Software Assessments
  • Conduct Secure SLC Assessments
  • Assess and validate Payment Software for compliance with the PCI Secure Software Standard
  • Validate and attest to an entity’s compliance with the Secure SLC Standard
  • Prepare appropriate compliance reports

Available as Informational Training: 

Informational training is for individuals who would like to increase their knowledge but do not necessarily need to achieve certification. This training is a great fit for any individual who may want to understand what the standard and program entail, and what to expect from an assessment, but who does not need or want to certify as an assessor for that program.

To find out more about taking these classes for informational purposes, please send us an email at registration@pcisecuritystandards.org.


For More Information:

Visit the Secure SLC Assessor or Secure Software Assessor pages on the PCI SSC website, the PCI Perspectives blog or contact the program manager at: +1-781-876-6267 or software@pcisecuritystandards.org.



Stay up to date with PCI Security Standards Council! Follow us today.

linkedin-rounded.png twitter-rounded.png blog-rounded.png