Frequently Asked Questions

< Back to search page

What is an Attestation of Compliance?

FAQ Response

The Attestation of Compliance is the document used to indicate that the appropriate Report on Compliance or Self-assessment Questionnaire has been performed, and to attest to your organization’s compliance status with PCI DSS.

February 2008
Article Number 1132

Can an Attestation of Compliance (AOC) be provided to an assessed entity before the Report on Compliance (ROC) is finalized?

Which service provider category should I use for Part 2 of the PCI DSS Attestation of Compliance (AOC) for Service Providers?

What date should be used for “Date of Report” in the ROC?

Can the AOC be redacted to protect sensitive information?

Frequently Asked Questions

What is an Attestation of Compliance?

Related Articles