Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » SOC 2 » SAS 70

SAS 70

SAS 70 is a standard developed by the American Institute of Certified Public Accountants (AICPA) to evaluate the security controls of service organizations. It guides them and their auditors to demonstrate the effectiveness of their controls to their clients and their clients’ auditors.

SAS 70 is currently replaced by the Statement on Standards for Attestation Engagements (SSAE) 18, which is the current standard for evaluating the controls of service organizations. While the SSAE 18 standard includes the same types of evaluations as SAS 70, it is updated to align with current industry best practices and to reflect changes in technology and the business environment.

Today, SOC 2 audits follow the SSAE 18 standard rather than SAS 70.

Additional reading

GDPR Article 32: Security of Processing

If your organization processes personal data, the General Data Protection Regulation (GDPR) requires you to present a security posture that can protect the data in your business environments from cyber-attacks. GDPR Article 32 talks about setting up controls and policies to deploy this line of defence required to ensure data security. But while the requirement…

GDPR Data Processor vs Data Controller (Main Differences)

Key Points  Introduction Is your cloud-hosted company a data processor or controller? It’s important to understand the main differences because it defines your responsibilities under the GDPR.  Trying to obtain GDPR compliance can be confusing and frustrating if there is confusion about the different roles. When comparing GDPR data processor vs controller, there are some…
Cybersecurity Automation Tools

7 Best Cybersecurity Automation Tools

The use of cybersecurity automation tools for human augmentation acts as a force multiplier, enhancing security capabilities and making a greater impact. By reducing trouble tickets, catching more threats, compensating for staff shortages, and fortifying resilience, these tools ease and complement the lives of infosec teams. The ever-growing security challenges cannot after all be battled…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.