Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » GDPR » Data Transfer

Data Transfer

Data Transfer is an intentional sending or authenticating of some other party for the use of personal data, where neither sender nor the recipient is a data subject. At the same time, data transfer should not be confused with data collection.

Additional reading

PCI Vulnerability Scan: A Complete Compliance Guide

TL,DR: A PCI vulnerability scan is an automated test identifying potential network vulnerabilities. PCI DSS requires all organizations to conduct both internal and external scans at least quarterly and after substantial network changes External scans must be performed by a PCI SSC Approved Scanning Vendor (ASV) covering public-facing systems. Internal scans focus on hosts, servers,…

Third-Party Risk Management Framework: Steps to Select in 2026

TL,DR: A TPRM framework helps identify, assess, monitor, and reduce third-party vendor risk. Core components include risk identification, assessment, monitoring, mitigation, and continuous security checks. Use it to evaluate vendor exposure across cybersecurity, legal, financial, and operational risk. Over 80% of legal and compliance leaders stated that they discover third-party risks after the initial onboarding…

ISO 9001 Document Controls: Clauses & Requirements

TL;DR ISO 9001 controls are the documented processes, responsibilities, and checks that help a Quality Management System (QMS) operate consistently across customer requirements, supplier management, quality verification, nonconformities, and corrective action. ISO 9001 document controls fall under Clause 7.5, which requires documented information to be current, approved, version-controlled, accessible as needed, and protected against loss,…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.