Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » SOC 2 » SAS 70

SAS 70

SAS 70 is a standard developed by the American Institute of Certified Public Accountants (AICPA) to evaluate the security controls of service organizations. It guides them and their auditors to demonstrate the effectiveness of their controls to their clients and their clients’ auditors.

SAS 70 is currently replaced by the Statement on Standards for Attestation Engagements (SSAE) 18, which is the current standard for evaluating the controls of service organizations. While the SSAE 18 standard includes the same types of evaluations as SAS 70, it is updated to align with current industry best practices and to reflect changes in technology and the business environment.

Today, SOC 2 audits follow the SSAE 18 standard rather than SAS 70.

Additional reading

Privacy by Design Principles

Target discovered a teenage girl was pregnant before her father was aware, Cambridge Analytica harvested 87 million Facebook accounts to influence elections, and Equifax lost access to 147 million Americans’ most private financial information—these were not merely data breaches. They were profound betrayals of trust that radically impacted our perception of data privacy. Now, think…

ISO 42001 Training: A Complete Guide (2026 Updated)

TL;DR ISO 42001 training explains how to apply the AI governance standard across teams. It breaks down the roles, responsibilities, and controls required to meet audit expectations. The training helps clarify ownership, speed up audit prep, and align technical and compliance teams working on AI systems. There are different types of ISO 42001 training. Awareness…

ISO 27001 Logging and Monitoring Policy: Requirements, Objectives, and Best Practices

When systems process sensitive data and users have wide access, it’s critical to know exactly what’s happening, when, and by whom. Logging and monitoring gives you that visibility. It captures every meaningful action including access changes, configuration edits, and data updates, so you can track patterns, investigate issues, and respond with confidence. This isn’t just…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.

Contact sales