Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » SOC 2 » Confidentiality

Confidentiality

In the context of SOC 2 (Service and Organization Controls), confidentiality refers to the principle that requires organizations to protect the confidentiality of their customer’s data and information. The confidentiality principle is one of five Trust Services Criteria covered in a SOC 2 attestation engagement.

To meet the confidentiality principle, organizations must have controls to ensure that their customers’ data and information are kept confidential and only accessed by authorized individuals. This may include access controls, data encryption, and secure data transmission.

Additional reading

Cyber Security Metrics & KPIs: A Detailed Guide

TL,DR: Cybersecurity metrics help CISOs explain risk, budget needs, and program performance with data. The article covers 22 metrics across threats, vulnerabilities, incidents, compliance, and training. Use them to report security value in terms leadership can understand and compare. As a seasoned security professional, you understand the struggles of convincing the board to approve an…

ISO 27001 Internal Audit: Everything You Need to Know

Getting an ISO 27001 certification largely depends on how effective your internal audits are. An ISO 27001 internal audit tells you if your ISMS is actually working as intended, whether your controls are in place, and if there are any gaps you need to fix before you meet the external auditor. And here’s the part…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.