Glossary of Compliance

Our curated compliance glossary offers everything you need to know about compliance in one place.

SSAE 18

SSAE 18 is a set of updates to the SOC (Service Organization Control) report standards, replacing the previous version, SSAE 16, and the older SAS 70 report. These enhancements aim to improve the quality and usefulness of SOC reports. With these updates, companies will be required to take more responsibility for identifying and categorizing risks and for properly managing their relationships with third-party vendors. The changes are relatively manageable, and they will help address gaps identified in the reports of many service organizations.
