PCI Watch

Tracking changes across the Payment Card Industry

Document Comparison

PCI-DSS-v4_0-ROC-AOC-Merchants.pdf PCI-DSS-v4-0-ROC-AOC-Merchants-r1.pdf
92% similar
12 → 11 Pages
2226 → 2196 Words
4 Content Changes

Content Changes

4 content changes. 13 administrative changes (dates, page numbers) hidden.

Modified p. 5
Facility Type Total Number of Locations (How many locations of this type are in scope) Location(s) of Facility (city, country) Example: Retail locations 3 Boston, MA, USA
Facility Type Total Number of Locations (How many locations of this type are in scope) Location(s) of Facility (city, country) Example: Retail locations 3 Boston, MA, USA Part 2e. PCI SSC Validated Products and Solutions (ROC Section 3.3) Does the entity use any item identified on any PCI SSC Lists of Validated Products and Solutions*? Provide the following information regarding each item the entity uses from PCI SSC's Lists of Validated Products and Solutions:
Modified p. 8 → 7
Select If Below Method(s) In Place with Remediation Not Applicable Not Tested Customized Compensating
Select If Below Method(s) In Place Not Applicable Not Tested Not In Customized Compensating
Modified p. 10 → 9
Compliant: All sections of the PCI DSS ROC are complete, and all assessed requirements are marked as being either 1) In Place, 2) In Place with Remediation, or 3) Not Applicable, resulting in an overall COMPLIANT rating; thereby (Merchant Company Name) has demonstrated compliance with all PCI DSS requirements except those noted as Not Tested above.
Compliant: All sections of the PCI DSS ROC are complete, and all assessed requirements are marked as being either In Place or Not Applicable, resulting in an overall COMPLIANT rating; thereby (Merchant Company Name) has demonstrated compliance with all PCI DSS requirements except those noted as Not Tested above.
Modified p. 10 → 9
Compliant but with Legal exception: One or more assessed requirements in the ROC are marked as Not in Place due to a legal restriction that prevents the requirement from being met and all other assessed requirements are marked as being either 1) In Place, 2) In Place with Remediation, or 3) Not Applicable, resulting in an overall COMPLIANT BUT WITH LEGAL EXCEPTION rating; thereby (Merchant Company Name) has demonstrated compliance with all PCI DSS requirements except those noted as Not …
Compliant but with Legal exception: One or more assessed requirements in the ROC are marked as Not in Place due to a legal restriction that prevents the requirement from being met and all other assessed requirements are marked as being either In Place or Not Applicable, resulting in an overall COMPLIANT BUT WITH LEGAL EXCEPTION rating; thereby (Merchant Company Name) has demonstrated compliance with all PCI DSS requirements except those noted as Not Tested above or as Not in Place …