Frequently Asked Questions

< Back to search page

Can I report on my Prioritized Approach progress instead of producing a Report on Compliance or Attestation of Compliance?

FAQ Response

The PCI SSC does not manage the process for reporting PCI DSS compliance. Please check with your acquiring bank or payment card brands for this information.

August 2013
Article Number 1257

What date should be used for “Date of Report” in the ROC?

Can an Attestation of Compliance (AOC) be provided to an assessed entity before the Report on Compliance (ROC) is finalized?

What is an Attestation of Compliance?

Where can I find unlocked versions of the AOCs and SAQs?

Can the AOC be redacted to protect sensitive information?

Frequently Asked Questions

Can I report on my Prioritized Approach progress instead of producing a Report on Compliance or Attestation of Compliance?

Related Articles