It is mostly used for PCI DSS audits where organizations can remove all, or part, of their environment from the scope of PCI DSS by controlling data internally, using a hosted secure payment solution or outsourcing it to a PCI DSS compliant contact center.
Read more about compliance