As part of your vendor risk management, you should be asking each of your vendors for a SOC report, especially your critical and high-risk vendors. When analyzing your vendor’s SOC reports, it’s crucial you understand the different terminology to properly analyze and assess the risk posed to your organization.
To help guide you and your team in understanding some of the most common terms found in a SOC report, we've created a simple dictionary for you to reference.