Glossary of Compliance

Our curated compliance glossary offers everything you need to know about compliance in one place.

SOC 2

SOC 2 is a type of audit that assesses the controls of a service organization relevant to the security, availability, processing integrity, confidentiality, and privacy of the service organization’s systems. The purpose is to evaluate the controls pertinent to these five trust services criteria and assure that the controls operate effectively. The service organization’s clients and auditors use the audit report. 

An independent accounting firm conducts a SOC 2 audit, following the standards set by the American Institute of Certified Public Accountants (AICPA). Demonstrating effective controls helps you build trust with clients and shows your commitment to maintaining the security, availability, processing integrity, confidentiality, and privacy of your systems.
