Should your application requires your prospects to enter their information on their own individual gadgets, then you qualify for SAQ A. The difference between the different types of SOC audits lies within the scope and period with the assessment: The PCI SSC has outlined 12 specifications for handling cardholder info https://www.nathanlabsadvisory.com/cyber-security-assessment.html
