PCI DSS v3.0 Report on Compliance (ROC) Assessment Overview Jeff Messer Director, TAAS 01/08/2015 1 Agenda 2 What / Why / Who ROC Schedule Request for Information (RFI) Process Overview Onsite Assessment Remote Assessment and Remediation Activities Draft ROC Report Quality Assurance and Draft Review Final Report Challenges from Experience Questions What / Why / Who What is a ROC? o Report on Compliance Why do we need to do a ROC?