The RSI Security site breaks down the steps in a few element, but the process in essence goes like this: Formally attest your compliance. An AOC (attestation of compliance) is the form you employ to signal that you choose to’ve accomplished PCI DSS compliance. Finishing your questionnaire without “Mistaken” answers https://www.nathanlabsadvisory.com/nesa-compliance.html