Glossary of Compliance
Compliance Glossary
Our list of curated compliance glossary offers everything you to know about compliance in one place.
Mandatory Procedures
Mandatory procedures explain the rules for how employees, partners, consultants, board members, and other endpoint users access online internet and applications resources, share data over networks, and otherwise practice responsible security.
Additional reading
ISO 27001 vs ISO 27002: Key Differences and Use Cases Explained
TL,DR: ISO 27001 defines requirements for building and certifying an information security management system. ISO 27002 provides practical guidance for implementing information security controls. Organizations often use both together to strengthen security governance and compliance. More often than not, you have to convincingly demonstrate data security to inspire confidence and trust when you win a…
ISO 27001 Password Policy: Guidelines and Best Practices
TL;DR ISO 27001 doesn’t mandate specific password rules: it requires a risk-based approach to access control, ensuring passwords are strong, secure, and protected from unauthorized access. Requirements sit in Annex A Control 5.17 (ISO 27001:2022) and related access control clauses (9.1-9.4), covering access control policy, user access management, user responsibilities, and application access. No exact…
Top 11 Cyber Threat Intelligence Tools to Use in 2025
Years ago, security teams heavily relied on manually sourced intelligence to detect threats. They also employed traditional and largely manual techniques such as blacklisting a URL to eliminate known threats. However, the lack of real-time data meant there was no effective strategy in place to deal with upcoming potential risks. Therefore, as advanced threats and…

Sprinto: Your growth superpower
Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.





