Glossary of Compliance
Compliance Glossary
Our curated compliance glossary offers everything you need to know about compliance in one place.
Statement of Applicability
A Statement of Applicability is a document required for ISO 27001 certification. It declares the Annex A controls that your enterprise has determined to be necessary for mitigating information security risk, as well as the Annex A controls that were excluded.
Additional reading
Risk Control Measures: Your first line of defense against threats
An underprepared business is one risk materialization away from a tenuous period of operational disruptions, economic downturn, and reputational damage. Risk is a constant in the cybersecurity realm, and while most businesses realize this, their risk readiness says otherwise. According to the 2024 State of Risk Oversight Report, 27% of organizations do not have an…
ISO 42001: Core Clauses, Steps, Challenges
TL;DR ISO 42001 operationalizes responsible AI principles through structured clauses (like risk assessment, transparency, and human oversight) and 39+ Annex A controls. Adopting ISO 42001 helps meet emerging global AI regulations (EU AI Act, NIST AI RMF, Canada's AIDA) by aligning with their core requirements like explainability, accountability, and post-market monitoring. Common challenges include scoping…
IT GRC Tools: Complete Guide to Governance, Risk, and Compliance
Most businesses end up adopting IT GRC tools after they've seen what happens without them. Every new vendor integration, every new cloud deployment, exposes you to new risks and vulnerabilities. The old way of managing risk is built for a slower world. At first, it's manageable, with a few spreadsheets here and a few docs…

Sprinto: Your growth superpower
Use Sprinto to centralize security compliance management, so nothing gets in the way of your moving up and winning big.