For Instance, you should include confidentiality into the scope of your report if that requirements is applicable to your small business plus your SOC 2 report. SOC two is structured across the 5 TSCs and contains an auditor’s viewpoint of your controls in place for Each individual picked TSC. A https://calvant.com/blog/iso-27001-vs-soc-2-comparison-differences-benefits