Frequently Asked Questions

< Back to search page

Can I report on my Prioritized Approach progress instead of producing a Report on Compliance or Attestation of Compliance?

FAQ Response

The PCI SSC does not manage the process for reporting PCI DSS compliance. Please check with your acquiring bank or payment card brands for this information.

August 2013
Article Number 1257

What date should be used for “Date of Report” in the ROC?

Can an Attestation of Compliance (AOC) be provided to an assessed entity before the Report on Compliance (ROC) is finalized?

What is an Attestation of Compliance?

Can the AOC be redacted to protect sensitive information?

Which service provider category should I use for Part 2 of the PCI DSS Attestation of Compliance (AOC) for Service Providers?

Frequently Asked Questions

Can I report on my Prioritized Approach progress instead of producing a Report on Compliance or Attestation of Compliance?

Related Articles