Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » GDPR » Data Minimization

Data Minimization

Data Minimization represents that a data controller should restrict the collection of personal information to what is directly necessary and relevant to accomplish a certain task and only for a period deemed necessary to fulfil that purpose.

Additional reading

NIST vs ISO 27001

NIST vs ISO 27001 Compliance: What’s the Difference?

The National Institute of Standards and Technology (NIST) Cyber Security Framework (CSF) and ISO 27001 are compliance frameworks aiming to enhance an organization’s security posture by implementing controls and policies around data security. As an organization, which framework among the two is best suited for you? While there is no definitive answer to that question,…
soc 2 training

A Quick Guide to SOC 2 Training

SOC 2 is one of the most globally accepted frameworks to demonstrate your business’ approach toward the security and integrity of data. As a result, a SOC 2-compliant company is likely to crack more deals. The reason for that is simple: they can show their prospects that their business environments are safe. In this article,…

PCI DSS Fines: How Much Will It Cost?

A fine of $145 million and a ban from processing card payments for 14 months. That was the PCI DSS fine Heartland paid for data theft of 100 million debit and credit card data from their site in 2008/2009. Target was another recent recipient of PCI DSS fines—they paid $18.5 million in settlements and $202…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.