Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » SOC 2 » SSAE 18

SSAE 18

SSAE 18 is a set of updates to the SOC (Service Organization Control) report standards, replacing the previous version, SSAE 16, and the older SAS 70 report. These enhancements aim to improve the quality and usefulness of SOC reports. With these updates, companies will be required to take more responsibility for identifying and categorizing risks and properly managing their relationships with third-party vendors. These changes will help address any gaps identified in the reports of many service organizations, although they are relatively manageable.

Additional reading

SOC 2 Myths and Malpractices Busted: Be Wary Of These Red Flags

If you are on a journey to undertake SOC 2 compliance for your business, it can be confusing to sort through the reams of information and arrive at some form of clarity. This matter is made even more complicated by the prevailing Fear, Uncertainty, and Doubt in the market created by unscrupulous vendors who peddle…

NYDFS Cybersecurity Regulation: Ensuring Financial Security Compliance

On November 1, 2023, governor Kathy Hochul announced that the New York State Department of Financial Services had drafted the NYDFS Cybersecurity Regulation. Aimed at protecting New York-based businesses and their customers from cyber threats, these regulations are designed using a combination of risk based approaches with better governance and robust access controls.  If you…

Service Organization Controls (SOC) Reports: Types & Step to follow

In late 2023, the AICPA refreshed its Trust Services Criteria on September 30 and followed up on October 1 with a detailed attestation guide for SOC for Cybersecurity engagements. That summer, the SEC’s July 26 rule began requiring public companies to disclose material cybersecurity incidents within four business days and outline their risk-management governance in…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.

Contact sales