Compliance Glossary
Our curated compliance glossary offers everything you need to know about compliance in one place.
TSC
The Trust Services Criteria (TSC) are the specific criteria a service organization must meet to achieve SOC 2 compliance. The TSC are divided into five categories: security, availability, processing integrity, confidentiality, and privacy. Within each category there are specific controls and requirements that must be implemented and maintained for the service organization to meet the TSC and achieve SOC 2 compliance.
Additional reading
Penetration Testing vs Vulnerability Scanning Explained
If you’ve been exploring the difference between the two, a prospect that you are working with has likely requested a pen testing report. You are stuck wondering how it differs from the vulnerability report you provided. If you’re still confused, let’s clear it up for you! What is Penetration Testing and Vulnerability Scanning? Penetration testing…
An Overview of ISO 27701, The Privacy Information Systems Standard
Bruce Schneier says, “Data is the pollution problem of the information age, and protecting privacy is the environmental challenge.” This quote double-clicks the importance of keeping data and privacy on the highest pedestal of protection. This is where the ISO 27701 certification comes in. ISO/IEC 27701:2019 serves as an essential tool for organizations. It is…
What is Vendor Review – Document Review & Examples
TL;DR: A vendor review evaluates risks associated with a vendor’s product or service, covering data handling, physical security, and compliance with HIPAA, GDPR, ISO 27001, and SOC 2. Reviews occur at 3 stages: onboarding (during the RFP process), ongoing (periodic assessments based on risk level), and triggered (when incidents or warning signs appear). High-risk vendors require…