Compliance Glossary

NIST CSF 2.0

NIST Cybersecurity Framework (CSF) 2.0 is the updated version of the NIST Cybersecurity Framework. It expands the principles of the original CSF and adds more structured guidance on managing cybersecurity risk, most notably a new Govern function alongside the original Identify, Protect, Detect, Respond, and Recover functions. It is intended for organizations of all sizes and sectors, irrespective of their security maturity.

After the successful debut of the NIST CSF in 2014 and its adoption by roughly 50% of US-based organizations within six years of release, NIST began work on CSF 2.0 in 2022. CSF 2.0 was released in February 2024 and broadens the framework's stated audience from critical infrastructure sectors to organizations of every kind, from schools and startups to enterprises and government agencies.

NIST CSF 2.0 also provides an expanded set of informative references and implementation examples to ease adoption, and it is designed to integrate with an organization's other risk management programs. In this way it reflects the rapidly changing digital landscape and serves as a comprehensive tool for organizations to strengthen their cybersecurity defenses.
