Frequently Asked Questions

< Back to search page

What is an Attestation of Compliance?

FAQ Response

The Attestation of Compliance is the document used to indicate that the appropriate Report on Compliance or Self-assessment Questionnaire has been performed, and to attest to your organization’s compliance status with PCI DSS.

February 2008
Article Number 1132

Related Articles

Can the “Compliant but with Legal exception” option in the AOC be used to identify where a testing procedure could not be performed due to a legal constraint?

What date should be used for “Date of Report” in the ROC?

Can an Attestation of Compliance (AOC) be provided to an assessed entity before the Report on Compliance (ROC) is finalized?

Can the AOC be redacted to protect sensitive information?