I am a Cloud Service Provider and Don’t Have an Audit Completed with Pending RFP

While FedRAMP compliance permits your organization to do business with the Government, a SOC 2 (AT 101) audit may be equally important to customers in the private sector when choosing a service provider.

A cloud service provider who doesn't plan on having the Government as a customer, but, wants to show they have quality security practices in place may choose to perform a SOC 2 audit, which can be preferable due to the additional requirements mandated by FedRAMP.