Compared with many compliance laws, SOC compliance is often not required to function within a offered business like PCI DSS compliance is for processing payment card information. On the whole, firms have to have a SOC audit when their customers ask for one particular. SOC 2 is an auditing procedure https://www.nathanlabsadvisory.com/blog/tag/information-security/