Glossary of Compliance

Our curated compliance glossary offers everything you need to know about compliance in one place.

Compensating Controls

Also referred to as Alternative Controls, compensating controls are a set of security and privacy controls that an organization implements in lieu of the controls in NIST Special Publication 800-53 to mitigate risks and provide an alternative approach to achieving the same security objectives as primary controls. They are often used to reduce the impact of security breaches or data loss when standard controls are not functioning as intended, or when primary security controls cannot be implemented due to technical or operational limitations. Compensating controls should be appropriately documented and regularly reviewed to ensure their effectiveness.
