Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » NIST » NIST 800-145

NIST 800-145

NIST Special Publication 800-145, titled The NIST Definition of Cloud Computing, provides standardized terminology for cloud computing to ensure uniformity across organizations and industries. It outlines the key characteristics, deployment models, and service models associated with cloud computing to enhance understanding and cloud adoption.

NIST 800-145 outlines five essential characteristics of cloud computing: on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service.

  1. On-demand self-service: This means that users can allocate cloud resources on demand without manual intervention
  2. Broad network access: It indicates that cloud services can be accessed from a wide range of devices using standard methods such as browsers.
  3. Resource pooling: This indicates that cloud computing resources are pooled to provide service to multiple customers
  4. Rapid elasticity: This means that cloud capabilities can be scaled up and down based on requirements
  5. Measured service: It indicates that the usage of cloud resources is monitored and reported

Three Service models: Cloud service models include Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS).Four deployment models: The deployment models are categorized as public cloud, private cloud, hybrid cloud and community cloud.

Additional reading

SOC 2 Compliance Checklist: A Step-by-Step Guide For 2026

TL;DRThe SOC 2 compliance process involves defining objectives, choosing the report type, conducting internal risk assessments, performing gap analysis, contacting an auditor, and more. Autonomous compliance reduces the need for repeated SOC 2 work by keeping controls, evidence, and ownership aligned as your environment changes. Using automation tools for SOC 2 compliance will save you…

GDPR For Small Businesses: A Quick Guide For 2026

TL;DR GDPR compliance for small businesses exempts them from its record-keeping requirements for data processing with a few criteria. GDPR requirements include processing data on a lawful basis, privacy by design and default, data security, accountability & governance, and privacy rights of data subjects. Complying with GDPR includes a 12-step checklist containing identifying and updating…

ServiceNow Alternatives: 11 GRC Platforms Worth Shortlisting in 2026

If you are evaluating ServiceNow for IRM or GRC, you are probably trying to fix more than tool sprawl. You want a single pane to run risk registers, controls, issues, remediation, and audit evidence. You do not want your GRC team to spend half its week chasing owners, rebuilding reports, or translating the same status…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.

Contact sales