The RSI security website breaks down the techniques in a few depth, but the method in essence goes like this: Formally attest your compliance. An AOC (attestation of compliance) is the form you use to sign that you just’ve reached PCI DSS compliance. Ending your questionnaire without any “Incorrect” answers https://www.nathanlabsadvisory.com/blog/tag/top-management-support/
