Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » SOC 2 » SAS 70

SAS 70

SAS 70 is a standard developed by the American Institute of Certified Public Accountants (AICPA) to evaluate the security controls of service organizations. It guides them and their auditors to demonstrate the effectiveness of their controls to their clients and their clients’ auditors.

SAS 70 is currently replaced by the Statement on Standards for Attestation Engagements (SSAE) 18, which is the current standard for evaluating the controls of service organizations. While the SSAE 18 standard includes the same types of evaluations as SAS 70, it is updated to align with current industry best practices and to reflect changes in technology and the business environment.

Today, SOC 2 audits follow the SSAE 18 standard rather than SAS 70.

Additional reading

What Is a Governance Model? Types, Benefits, and How to Build One

Recently, a friend reached out to me on LinkedIn with a request. She needed help preparing for a webinar on Data Governance and its various models. She had been assigned to lead this project in her department but felt completely unenthusiastic about it. I can certainly relate that data governance isn’t typically a subject that…

ISO 27001 Checklist: 13 Easy Steps To Get Started

TL;DR An ISO 27001 checklist provides a structured roadmap to implement an Information Security Management System (ISMS) and prepare for certification. Key steps include forming an internal security team, defining ISMS scope, conducting risk assessments, implementing Annex A controls, and maintaining required documentation. The process also involves internal audits, external certification audits (Stage 1 &…

Security Audit Checklist – 2025 Guide

IT is now fully integrated into business functions, and while this integration is a boon, it can quickly become the first piece of the domino effect that could cause a significant crash when left unchecked. Security audits are designed to monitor and repair the IT infrastructure to achieve optimum efficiency.  An information security audit checklist…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.

Contact sales