When you have discovered which assessment you'll want to complete, the following move is to accomplish the evaluation, full the suitable SAQ or ROC documentation, and submit it to Stripe for review. The distinction between the different types of SOC audits lies in the scope and duration from the evaluation: https://www.nathanlabsadvisory.com/blog/nathan/stay-ahead-with-effective-web-application-security-testing-strategies/