Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » SOC 2 » Privacy

Privacy

Privacy is one of the five trust service criteria of SOC 2. It is information an entity collects, uses, retains, discloses, and disposes to meet its objectives. 

The privacy principle aims to service organizations who handle sensitive personal information do so in a responsible and trustworthy manner. They should have appropriate controls in place to protect the privacy of individuals. This principle guides organizations to handle privacy based on the following:

– Notice and communication of objectives

– Choice and consent

– Collection

– Use, retention, and disposal

– Access

– Disclosure and notification

– Quality

– Monitoring and enforcement

Additional reading

Vendor Risk assessment checklist
Blogs Risk Management

What is Vendor Risk Assessment – Download Checklist

December 19, 2023. Comcast, a U.S. telecom giant acknowledged that the data of 36 million Xfinity customers had been stolen because of a third-party breach. The third-party supplied security patches in October, but not all customers applied them.  Unaddressed third-party risks are often the loose ends that threat actors focus on to infiltrate organizations. Continuous…
ISO 27001 Audit Checklist
Blogs ISO 27001

ISO 27001 Audit Checklist (5 Easy Steps)

Preparing for an ISO 27001 audit can feel chaotic. You’re left rushing through control tests, patching gaps, and frantically ensuring that each control effectively maps to ISO/IEC 27001 requirements and business context. Navigating this chaos without an ISO 27001 audit checklist that outlines the right steps, is like playing the game of whack-a-mole, where you…
Blogs ISO 27001

ISO 27001 For SaaS Businesses: A Starter’s Guide

ISO 27001 is a well-established and recognized cybersecurity certification. It provides companies (and SaaS businesses) comprehensive guidelines on creating, implementing, and improving their Information Security Management System (ISMS).  For SaaS businesses that have a majority of their data on the cloud, the standard is more than a certification that gets them in the room. It’s…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.

Contact sales