Not like many compliance polices, SOC compliance is typically not mandatory to work inside a specified field like PCI DSS compliance is for processing payment card details. Generally speaking, organizations need a SOC audit when their customers ask for one particular. The distinction between the different types of SOC audits https://www.nathanlabsadvisory.com/blog/tag/red-teaming/
