Through the SOC 2 Audit period of time: The audit period only starts when all the controls are in place and all factors of information security are doing as developed. The business finalizes the CPA organization or independent auditors and in collaboration, they decide the beginning date plus the period https://virtualcisoservice.com/blog/affordable-vciso-services-for-small-to-mid-sized-businesses-in-the-usa/