Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » ISO 27001 » Critical Infrastructure

Critical Infrastructure

Critical infrastructure describes the physical assets and I.T. systems that are so vital to the enterprise that their destruction or incapacity would have a devitalizing impact on the economic or physical security or public health and safety.

Additional reading

SOC 1 vs SOC 2: Understanding the Key Differences

TL,DR: SOC 1 evaluates internal controls over financial reporting; SOC 2 evaluates information security controls. Both reports have Type 1 and Type 2 options, depending on testing period. The article explains which report customers ask for and when teams may need both. Information security and compliance aren’t anymore just nice-to-have features. Thanks to the proliferation…

ISO 27017 Explained: Cloud Security Controls, Scope & Certification Guide

TL,DR: ISO 27017 adds cloud-specific security guidance to ISO 27001 and ISO 27002 controls. It clarifies shared responsibility across cloud providers and customers for access, encryption, logging, and monitoring. The article explains cloud controls, implementation challenges, certification limits, ISO 27001 integration, and audit evidence. ISO 27017 is a cloud-specific security standard that provides practical guidance…

How Can You Achieve GDPR Compliance in 2026? A Guide for Businesses

TL,DR: GDPR applies to any business processing EU residents’ personal data, regardless of location. Core steps include data mapping, consent, privacy notices, safeguards, DPO review, and breach reporting. The article explains scope, penalties, data transfers, compliance steps, and privacy program ownership. GDPR compliance is vital for organizations operating within the EU. Non-compliance can lead to…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.