I am not sure if this is the right forum to ask this question.
We are a startup having customers in 4 different locations. Our customers are being served from cloud - hosted in 4 different data centers in different locations. We have a requirement of SOC-2 for the customers of a particular location e.g. customers of USA.
Is it possible to keep the scope of SOC-2 to US data centers? It is hard for us to prepare ourselves for all data center at this stage of the company.
