Glossary of Compliance

Our curated compliance glossary offers everything you need to know about compliance in one place.

SAS 70

SAS 70 is a standard developed by the American Institute of Certified Public Accountants (AICPA) to evaluate the security controls of service organizations. It guides service organizations and their auditors in demonstrating the effectiveness of their controls to their clients and their clients’ auditors.

SAS 70 has been replaced by the Statement on Standards for Attestation Engagements (SSAE) 18, which is the current standard for evaluating the controls of service organizations. While the SSAE 18 standard includes the same types of evaluations as SAS 70, it is updated to align with current industry best practices and to reflect changes in technology and the business environment.

Today, SOC 2 audits follow the SSAE 18 standard rather than SAS 70.
