Compliance Glossary

Welcome to our list of commonly used security and compliance terms.

There are two types of SOC 2 reports: Type I and Type II.

A Type I report is a point-in-time report that assesses how your security controls are designed.

A SOC 2 Type 2 report examines how well a service organization's system and controls perform over a period of time (typically 3-12 months).

Both report types require an external audit by an AICPA-accredited CPA firm. Organizations that need a SOC 2 report as quickly as possible may opt for a Type I report, which takes less time to complete. However, SOC 2 Type II reports hold more weight with customers and will be necessary for most companies to achieve.

Compliance Glossary

Recommended Reading

Join the thousands of companies using Secureframe

Secureframe Comply

Secureframe Trust

Product Updates

Continuous Monitoring

Integration Library

Automated Tests

Personnel Management

Asset Inventory Management

Vendor Management

Vendor Access

Risk Management

Data Rooms

Readiness Reports

Trust Center

Questionnaire Automation

Knowledge Base Chrome Extension

SOC 2

ISO 27001

HIPAA

PCI DSS

CCPA

GDPR

Technology

Healthcare

Retail

Manufacturing

Financial Services

Government

Media

Professional Services

Auditors

Become an Audit Partner

Service Providers

Resellers

Become a Partner

Audit Partner Login

Channel Partner Login

MSP Partner Login

Blog

Help Center

Compliance Hubs

Compliance Resources

Glossary

Blog

Blog

Blog

About

Careers

Security

Newsroom

Partner Offers

AWS Partner Network

Compliance Glossary

Recommended Reading

Join the thousands of companies using Secureframe