A “disclaimer of viewpoint” usually means the auditor doesn’t have sufficient evidence to aid any of the initial 3 selections. E-commerce retailers who outsource all payment processing to PCI DSS validated 3rd parties, and who may have a web site(s) that doesn’t directly receive cardholder info but which can effect https://www.nathanlabsadvisory.com/blog/nathan/maximize-business-trust-and-security-with-hitrust-compliance/
