It Concerns pointers on how to interpret core principles from the GDPR and will problem binding choices resolved to the information security authorities on dispute in concrete situations pertaining to cross-border processing. The difference between the different sorts of SOC audits lies from the scope and length with the assessment: https://www.nathanlabsadvisory.com/blog/tag/implementation-guidelines/