As opposed to a lot of compliance restrictions, SOC compliance is usually not mandatory to work in a given industry like PCI DSS compliance is for processing payment card facts. On the whole, firms need a SOC audit when their buyers ask for one. The difference between the different types https://www.nathanlabsadvisory.com/nerc-cip.html