Glossary of Compliance
Compliance Glossary
Our list of curated compliance glossary offers everything you to know about compliance in one place.
Grounds For Processing
As set out in Article 6 of the GDPR, the lawful grounds for processing personal data are:
– Compliance with a legal obligation
– Consent of an individual
– Protecting the vital interests of a person
– Performance of a contract;
– Necessary for organizations to implement required changes in the public interest
Additional reading
A Quick Guide to Data Security Regulations
A UN Trade and Development study states that 79% of the countries worldwide have legislation on Privacy and Data Protection. The massive scale at which data is processed today and the growing reliance on technology underscore the pressing need for data security. Data regulations help establish guidelines for sensitive information protection and promote transparency, trust,…
ISO 27001 Controls: A Guide to Implementing Annex A Controls
TL;DR ISO 27001 controls (Annex A) are security measures (policies, processes, technical controls) used to manage risks and build an ISMS. You don’t implement all controls—you select relevant ones based on your risk assessment and Statement of Applicability (SoA). Controls are grouped into key domains (e.g., access control, cryptography, asset management, incident response, vendor risk)…
NIST Risk Management Framework: The 7 Steps Explained
The NIST Risk Management Framework provides a comprehensive approach for managing network infrastructure and operations risks. Published by the United States government, it provides a structured methodology for identifying, assessing, prioritizing, and mitigating risks related to networking technologies and activities within an organization. In this article, we understand what comprises the NIST risk management framework…
Sprinto: Your growth superpower
Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.
