Broadly speaking, being SOC 2 "compliant" isn't really a thing. They just had a SOC 2 audit done, you have to read the report to discover how "compliant" they are.
SOC 2 is useful as setting a baseline for how a business and IT org should be ran, assuming it's followed...
SOC 2 is useful as setting a baseline for how a business and IT org should be ran, assuming it's followed...