After you have discovered which evaluation you might want to total, the subsequent move would be to carry out the evaluation, total the suitable SAQ or ROC documentation, and submit it to Stripe for evaluate. The difference between the different types of SOC audits lies in the scope and duration https://www.nathanlabsadvisory.com/pci-3ds.html