The PCI Secure Software Lifecycle (SLC) Standard is part of the PCI Software Security Framework and helps software vendors to ensure that security is designed and integrated at each stage of the software lifecycle. Software vendors can engage a Secure SLC Assessor to have their SLC assessed and validated for compliance with the Secure SLC Standard. The assessment and validation are documented by the Secure SLC Assessor in a Report on Compliance (ROC). Software vendors that have undergone this validation process are listed on PCI SSC's Secure SLC-Qualified Software Vendors list.

Although the PCI Council reviews these reports for quality management purposes, the PCI Council does not independently confirm the reports or the data or information they contain, nor does the PCI Council perform any testing or analysis of software lifecycles, products, functionality, performance, suitability or compliance with the Standard.