AOC

Attestation of Compliance is a declaration of an organization's compliance to PCI DSS.

Back to Glossary

An Attestation of Compliance (AoC) is a declaration of an organization’s compliance with Payment Card Industry Data Security Standard (PCI DSS).

It is testimony that an organization successfully demonstrated exceptional security best practices to secure cardholder data. An AoC must be completed by a Qualified Security Assessor (QSA) or the merchant if the merchant’s internal audit performs validation. Assessments result in either a Report on Compliance (RoC), AoC or both.

The documents are provided to the merchant’s credit card acquirer each year to prove compliance with the PCI DSS.

Read more about compliance