Glossary of Compliance


Our curated compliance glossary offers everything you need to know about compliance in one place.


Processor Agreement

A DPA, or Data Processing Agreement, is an agreement between a data processor (for instance, a third-party service provider) and a data controller (such as a company) to regulate any personal data processing that might be conducted for business purposes. A DPA is also known as a GDPR data processing agreement.
