As opposed to lots of compliance polices, SOC compliance is typically not mandatory to operate in a very specified business like PCI DSS compliance is for processing payment card information. Usually, providers have to have a SOC audit when their consumers ask for just one. The PCI Security Benchmarks Council https://www.nathanlabsadvisory.com/pci-pin-service.html
