Document Comparison
PCI-DSS-v4-0-DESV-AOC-r1.pdf
→
PCI-DSS-v4-0-1-DESV-AOC.pdf
89% similar
7 → 7
Pages
1388 → 1427
Words
7
Content Changes
Content Changes
7 content changes. 5 administrative changes (dates, page numbers) hidden.
Added
p. 7
Note: The PCI Security Standards Council is a global standards body that provides resources for payment security professionals developed collaboratively with our stakeholder community. Our materials are accepted in numerous compliance programs worldwide. Please check with your individual compliance accepting organization to ensure that this form is acceptable in their program. For more information about PCI SSC and our stakeholder community please visit: https://www.pcisecuritystandards.org/about_us/
Modified
p. 2
Section 1 Assessment Information Instructions for Submission ** Complete this Attestation of Compliance only if required by a Payment Brand or Acquirer to complete the requirements specified in the PCI DSS v4.0 Appendix A3: Designated Entities Supplemental Validation** This Supplemental Attestation of Compliance (S-AOC) must be completed as a declaration of the results of the Designated Entity’s assessment with PCI DSS v4.0 Appendix A3: PCI DSS Designated Entities Supplemental Validation (DESV). The S-AOC is an addendum to the PCI DSS …
Section 1: Assessment Information Instructions for Submission ** Complete this Attestation of Compliance only if required by a Payment Brand or Acquirer to complete the requirements specified in the PCI DSS v4.0.1 Appendix A3: Designated Entities Supplemental Validation** This Supplemental Attestation of Compliance (S-AOC) must be completed as a declaration of the results of the Designated Entity’s assessment with PCI DSS v4.0.1 Appendix A3: PCI DSS Designated Entities Supplemental Validation (DESV). The S-AOC is an addendum to the PCI DSS …
Removed
p. 4
• Examine documentation Yes No
• Interview personnel Yes No
• Examine/observe live data Yes No
• Observe process being performed Yes No
• Observe physical environment Yes No
• Interactive testing Yes No
• Interview personnel Yes No
• Examine/observe live data Yes No
• Observe process being performed Yes No
• Observe physical environment Yes No
• Interactive testing Yes No
Modified
p. 4
YYYY-MM-DD Were any requirements in the S-ROC for Designated Entities unable to be met due to a legal constraint? Yes No Were any testing activities performed remotely? If yes, for each testing activity below, indicate whether remote assessment activities were performed:
YYYY-MM-DD Were any requirements in the S-ROC for Designated Entities unable to be met due to a legal constraint? Yes No Were any testing activities performed remotely? Yes No
Modified
p. 5
Affected Requirement Details of how legal constraint prevents requirement from
Affected Requirement Details of how legal constraint prevents requirement from being met
Modified
p. 6
(Select all that apply) The S-ROC for Designated Entities was completed according to PCI DSS Version 4.0 Appendix A3: Designated Entities Supplemental Validation and was completed according to the instructions therein.
(Select all that apply) The S-ROC for Designated Entities was completed according to PCI DSS Version 4.0.1 Appendix A3: Designated Entities Supplemental Validation and was completed according to the instructions therein.
Modified
p. 6
Part 3d. Internal Security Assessor (ISA) Involvement If an ISA(s) was involved or assisted with this Assessment, indicate the role performed:
Part 3d. PCI SSC Internal Security Assessor (ISA) Involvement If an ISA(s) was involved or assisted with this Assessment, indicate the role performed: