It issues rules regarding how to interpret Main principles on the GDPR and can concern binding choices tackled to the data defense authorities on dispute in concrete cases relating to cross-border processing. The difference between the different types of SOC audits lies inside the scope and duration with the evaluation: https://www.nathanlabsadvisory.com/cyber-security-policy-review.html
