Compliance Glossary
Our curated compliance glossary offers everything you need to know about compliance in one place.
Quality Report
A SOC 2 quality report is a document that service organizations use to demonstrate that they have adequate controls, policies, and processes in place to secure customer data. These controls are related to the five trust principles: security, availability, processing integrity, confidentiality, and privacy. Security is the most important and compulsory criterion, while others can be audited for compliance based on business needs.
The report is provided by a CPA (Certified Public Accountant) firm. There are two types of report – Type 1 and Type 2. A Type 1 report provides a snapshot of the service organization’s controls at a specific point in time. A Type 2 report provides a snapshot of the service organization’s controls over a longer period of time, generally six months or longer.