In contrast to quite a few compliance regulations, SOC compliance is often not required to operate in a presented marketplace like PCI DSS compliance is for processing payment card data. In general, firms have to have a SOC audit when their customers ask for 1. Formally attest your compliance. An https://www.nathanlabsadvisory.com/blog/nathan/implementing-iso-27001-at-nathan-lab-advisory-company-a-comprehensive-guide/