PCI DSS 3.0 ROC Reporting Template Released

February 11, 2014, Matt Getzelman, PCI Practice Director

Heads up for our PCI customers: the PCI SSC released the “ROC Reporting Template for v3.0” this last weekend and it is available here:


This document supports the PCI DSS 3.0 standard and must be used by all QSA organizations to create and submit a Report on Compliance (ROC).  What does this mean? 
It means we can now fully complete a PCI DSS 3.0 assessment of your environment as we now know the reporting requirements associated with each PCI DSS testing procedure. We strongly suggest that any organizations that are planning on assessing against the new 3.0 standard familiarize themselves with the reporting instructions along with the other 3.0 documentation:

  • PCI DSS v3.0

  • PCI DSS Summary of Changes v2.0 to v3.0

If you have any questions on the new ROC Reporting template or the PCI DSS 3.0 standard itself, please reach out to your trusted security advisor at Coalfire for additional information.  Good Luck!

Matt Getzelman


Matt Getzelman — PCI Practice Director

Recent Posts

Post Topics