For the majority of merchants (levels 2 - 4) PCI compliance can be reported through the PCI SSC Self-Assessment Questionnaires (SAQ). Essentially the SAQ is a paired down list of requirements from the full PCI Data Security Standard (DSS). One key thing to remember however, is that just because the requirement doesn't show up on the SAQ questions, doesn't mean you don't have to follow it. With that said, the way the PCI SSC has configured the SAQ forms you probably don't have to worry about it too much. As long as you are using the correct form for the way you run your business you are good to go.