ROC - Report on Compliance for PCI Home Cybersecurity Dictionary ROC - Report on Compliance for PCI The ROC form must be completed by all Level 1 Visa merchants undergoing a PCI DSS (Payment Card Industry Data Security Standard) audit. A Level 1 merchant is defined as one that processes over 6 million Visa transactions in a year. The ROC verifies that the audited merchant is compliant with the PCI DSS standard. PCI DSS was created as a collaborative effort of Visa, MasterCard, Discover and American Express. The ROC must be completed by a PCI Qualified Security Assessor (QSA) who has audited the merchant. The form is then submitted to the merchant's acquiring bank for acceptance. Once the merchant's acquiring bank has accepted the ROC, it sends the document on to Visa for compliance verification. Related TermsQSA - Qualified Security Assessor for PCIPII - Personally Identifiable InformationPCI and PCI DSS -The Payment Card Industry Data Security StandardPFI - PCI Forensic Investigator Share: Seeking Clarity? View the Cybersecurity Dictionary for top terms searched by your peers. Back to the Dictionary RELATED INSIGHTS DOWNLOAD October 22, 2018 PCI Compliance Does Not Always Equal Security Learn how a risk-centric approach can be applied to each PCI requirement. See Details Read more about PCI Compliance Does Not Always Equal Security BLOG October 29, 2018 Leveraging Risk Strategy to Move Beyond Check-Box PCI Compliance Merchants often put compliance spending at the top of their list for budgeting purposes because the consequences of non-compliance can be expensive. F... See Details Read more about Leveraging Risk Strategy to Move Beyond Check-Box PCI Compliance DOWNLOAD July 31, 2017 PCI Services Learn how Optiv can help you plan, build and run your PCI compliance program. See Details Read more about PCI Services How Can We Help? Let us know what you need, and we will have an Optiv professional contact you shortly.