Glossary of Compliance
Compliance Glossary
Our list of curated compliance glossary offers everything you to know about compliance in one place.
BAA
A Business Associate Agreement (BAA) is a signed agreement between covered entities and business associates. HIPAA privacy rule mandates that covered entities who share PHI with third party service providers specify the responsibilities of each party to secure PHI.
A BAA must describe the permitted rules to use or disclose PHI and require the business associate to implement appropriate safeguard to maintain the security of PHI.
Additional reading
Understanding VAPT: Audit Types, Process, and Benefits in 2026
TL,DR: VAPT combines vulnerability assessment and penetration testing across networks, applications, and systems. It identifies weaknesses, validates exploitability, and supports audits or customer security reviews. The article explains VAPT types, process, benefits, and why regular testing matters. In late 2019, US government agencies were grappling with what unfolded to be one of the most sophisticated…
ISO 27001 Compliance [2026]: An Updated Guide
TL,DR: ISO 27001 compliance means maintaining a risk-based ISMS for confidentiality, integrity, and availability. Certification requires scope, risk assessment, documents, Annex A controls, audits, and management review. The article covers clauses 4–10, 93 Annex A controls, timelines, costs, and maintenance. A survey of small and medium-sized businesses indicates that 94% reported experiencing a cyberattack in…
When Crisis Strikes, Be Ready: Creating a Business Continuity Policy That Works
TL;DR A Business Continuity Policy (BCP) is yourorganization’s resilience blueprint. It outlines strategies to maintain critical operations during disruptions, from cyber attacks to natural disasters. Effective BCPs are built on thorough risk assessment and business impact analysis. They prioritize critical functions, set recovery objectives, and allocate resources strategically. Crafted effectively, a BCP can provide an…

Sprinto: Your growth superpower
Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.





