Frequently Asked Questions

< Back to search page

What is an Attestation of Compliance?

FAQ Response

The Attestation of Compliance is the document used to indicate that the appropriate Report on Compliance or Self-assessment Questionnaire has been performed, and to attest to your organization’s compliance status with PCI DSS.

February 2008
Article Number 1132

What date should be used for “Date of Report” in the ROC?

Can an Attestation of Compliance (AOC) be provided to an assessed entity before the Report on Compliance (ROC) is finalized?

Which service provider category should I use for Part 2 of the PCI DSS Attestation of Compliance (AOC) for Service Providers?

What is meant by a “payment application” in Part 2d of the Attestation of Compliance?

Frequently Asked Questions

What is an Attestation of Compliance?

Related Articles