Client Requests Highly Detailed Security Audit

A client is requesting an unusual level of detail for a security audit from a company with 2000 employees, including copies of vulnerability scans, penetration tests, risk assessments, policies, and a SOC 2 report. The company responded by providing written copies and executive summaries and initiated its first SOC 2 type 2 audit. However, the client is now asking for direct evidence similar to that provided to the SOC audit team, including policies and screenshots showing technical controls and logs.