Not like lots of compliance laws, SOC compliance is often not necessary to function inside a given industry like PCI DSS compliance is for processing payment card information. Generally speaking, firms have to have a SOC audit when their consumers request 1. The PCI Security Criteria Council was established by https://www.nathanlabsadvisory.com/vapt-services.html
