Glossary   >   What is Attestation of Compliance (AoC)

What is Attestation of Compliance (AoC)

AoC or Attestation of Compliance (AoC) is a document that attests to an organization’s compliance with the Payment Card Industry Data Security Standard (PCI DSS) after scrutinizing an evaluation. Major credit card firms create the PCI DSS as a set of security guidelines to guarantee the security of credit card information.

An organization must complete a PCI DSS assessment, which entails a detailed analysis of the organization’s security procedures and controls, to receive an AoC. An internal security team or a qualified security assessor (QSA) usually conducts the assessment.

After fulfilling all the PCI DSS requirements, this document is generated, which adds the scope of the assessment, the assessment date, and the assessor’s conclusions. The AoC serves as evidence of PCI DSS compliance and ensures the company’s commitment to securing credit card data.

All things considered, an Attestation of Compliance is a crucial record that attests to an organization’s adherence to the PCI DSS and its dedication to safeguarding sensitive credit card information