During a penetration testing engagement for a financial institution, your team is required to assess the security of the client's payment processing system which stores and transmits credit card data. What type of document is MOST important to review before beginning any testing to ensure compliance with industry regulations?
Non-disclosure agreement (NDA)
Master service agreement
Service-level agreement (SLA)
Payment Card Industry Data Security Standard (PCI DSS) documentation