$57.$

Which statement is true regarding the PCI

DSS Report on Compliance $($ROC$)?$

O The assessor must create their own ROC template for each

assessment report

O The assessor may use either their own template on the ROC

template provided by PCI SSC

O The ROC Reporting template and instructions provided by PCI

SSC should be used for all ROCs

O The ROC Reporting template provided by PCI SSC is only

required for service provider assessments