Definition

Report on Compliance (ROC)

A Report on Compliance (ROC) is a form that must be completed by all Level 1 Visa merchants undergoing a PCI DSS (Payment Card Industry Data Security Standard) audit. In general, a level 1 merchant is one who processes over 6 million Visa transactions in a year.

The ROC is used to verify that the merchant being audited is compliant with the PCI DSS standard. PCI DSS policies and procedures were developed to enhance the security of card-based transactions and protect cardholders against fraud and other misuses of their personal information. PCI DSS was created as a collaborative effort of Visa, MasterCard, Discover and American Express.

The ROC must be filled out by the PCI Qualified Security Assessor (QSA) who has audited the merchant. The form is then submitted to the merchant's acquiring bank for acceptance. Once the merchant's acquiring bank has accepted the ROC, it sends the document on to Visa for compliance verification.

This was last updated in June 2010

Continue Reading About Report on Compliance (ROC)

Dig Deeper on PCI Data Security Standard

PRO+

Content

Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

  • CIO Trends #6: Nordics

    In this e-guide, read how the High North and Baltic Sea collaboration is about to undergo a serious and redefining makeover to ...

  • CIO Trends #6: Middle East

    In this e-guide we look at the role of information technology as the Arabian Gulf commits billions of dollars to building more ...

  • CIO Trends #6: Benelux

    In this e-guide, read about the Netherlands' coalition government's four year plan which includes the term 'cyber' no fewer than ...

Close