It concerns guidelines on how to interpret core concepts from the GDPR and can situation binding selections resolved to the information security authorities on dispute in concrete cases relating to cross-border processing. The distinction between the different types of SOC audits lies during the scope and period of your assessment: https://www.nathanlabsadvisory.com/anti-bribery-compliance.html
