Glossary of Compliance


QSA (Qualified Security Assessor)


A QSA, or Qualified Security Assessor, is a security professional qualified by the PCI Security Standards Council (PCI SSC), and employed by a PCI SSC-validated QSA company, to assess an organization's systems and controls against the Payment Card Industry Data Security Standard (PCI DSS). The designation is specific to PCI DSS: SOC 2 examinations are not performed by QSAs but by licensed CPA firms under the AICPA's (American Institute of Certified Public Accountants) attestation standards, so an organization pursuing both will typically engage two different assessors.

QSAs are responsible for conducting independent assessments of your organization's cardholder data environment and preparing a Report on Compliance (ROC) based on their findings and observations, summarised in an Attestation of Compliance (AOC). During the assessment they review your policies, procedures, and documentation for the in-scope systems and processes, and test that each required control is in place and working. The report is meant to assure customers, acquiring banks, and other stakeholders that your organization's controls are designed and operating effectively to maintain the security and confidentiality of cardholder data.
