In contrast to quite a few compliance laws, SOC compliance is often not obligatory to work inside of a provided business like PCI DSS compliance is for processing payment card info. Generally speaking, businesses need a SOC audit when their consumers ask for just one. The GDPR protects own info https://www.nathanlabsadvisory.com/rbi-cyber-security-framework.html
