Thanks @ThomasJosephD. This is the way I have understood it, too. That's not exactly what the SecurityMetrics emails are communicating. They strongly imply that they are the arbiters of PCI Compliance for all Intuit Quickbooks users.
