During a penetration testing engagement for a financial institution, your team is required to assess the security of the client's payment processing system which stores and transmits credit card data. What type of document is MOST important to review before beginning any testing to ensure compliance with industry regulations?
Non-disclosure agreement (NDA)
Service-level agreement (SLA)
Master service agreement
Payment Card Industry Data Security Standard (PCI DSS) documentation