Glossary of Compliance

Our curated compliance glossary offers everything you need to know about compliance in one place.

Statement of Applicability

A Statement of Applicability is a document required for ISO 27001 certification. It declares which Annex A controls your enterprise determined to be necessary for mitigating information security risk, and it also records the Annex A controls that were excluded.

Additional reading

GRC Team: Roles, Responsibilities, and Roadmap to Build One in 2026

Around the 100 to 200 Full-Time Employees (FTE) mark, most mid-market SaaS companies start to feel the strain as their GRC and compliance complexity outpaces manual control. New hires, new systems, and customer expectations create a compliance surface that’s too wide to manage informally. What was once an informal effort now needs structure, defined roles,…

NIST Risk Assessment: Identifying and Managing Security Risks

The National Institute of Standards and Technology (NIST) is considered the gold standard for data security among US federal agencies. The framework enables you to strengthen your security posture by implementing strong security measures to safeguard sensitive data. Companies aren’t mandated to become NIST-certified. However, companies that fall under the federal information systems must be…

PCI DSS Audit: A Complete Guide + Downloadable Checklist

Willie Sutton, the infamous twentieth-century U.S. criminal, was allegedly known to rob banks because “that’s where the money is.” In this digital age, organizations are exposed to financial fraud due to their lax security, leaving sensitive consumer data stolen and misused. To protect against this, PCI DSS (Payment Card Industry Data Security Standard) was set…
