Compared with several compliance laws, SOC compliance is usually not obligatory to function in the specified industry like PCI DSS compliance is for processing payment card details. Normally, companies have to have a SOC audit when their consumers ask for 1. Formally attest your compliance. An AOC (attestation of compliance) https://www.nathanlabsadvisory.com/blog/tag/nathan-lab-advisory-company/
