The removal of parts of an organization from the scope of an audit.

Back to Glossary

It is mostly used for PCI DSS audits where organizations can remove all, or part, of their environment from the scope of PCI DSS by controlling data internally, using a hosted secure payment solution or outsourcing it to a PCI DSS compliant contact center.

Read more about compliance