A SOC two attestation relies within the Trust Services Requirements and it is supplied by a registered CPA agency authorized because of the AICPA. Generally, a SOC 2 report is valid for the 12 months along with the Business is required to have interaction the same or a unique CPA https://www.nathanlabsadvisory.com/blog/nathan/maximize-business-trust-and-security-with-hitrust-compliance/