Once again, Understand that these aren’t “fines” in precisely the same sense that, say, you’d pay for violating some federal government regulation or traffic legislation; they’re penalties built right into a deal among merchants, payment processors, and card models. The distinction between the differing types of SOC audits lies within https://www.nathanlabsadvisory.com/fisma.html
