What organization or cybersecurity framework specifies the Service Organization Control 2 (SOC2) Type I and Type II IT-security reports, which focus on security, confidentiality, privacy, integrity, and availability when storing and processing customer data, and that must be considered highly confidential? [ ] SSAE [ ] NIST [ ] ISO
a. SSAE
b. NIST
c. ISO
d. None of the above