The RSI Security site breaks down the ways in a few depth, but the method in essence goes like this: The difference between the differing types of SOC audits lies during the scope and length with the assessment: Notice- the more TSC classes you’re ready to incorporate within your audit, https://www.nathanlabsadvisory.com/blog/tag/security-awareness/