Compliance Glossary
Our curated compliance glossary offers everything you need to know about compliance in one place.
NIST CSF Informative References
Informative references in the NIST CSF are the sources that help to achieve a particular requirement. These sources are mapped to other guidelines, frameworks, or practices that are common across all sectors.
For example, the Identify function in the NIST CSF includes a subcategory that requires users to build an inventory of their physical devices and systems. The informative references for achieving this include the following:
- CIS CSC 1
- COBIT 5 BAI09.01, BAI09.02
- ISA 62443-2-1:2009 4.2.3.4
- ISA 62443-3-3:2013 SR 7.8
- ISO/IEC 27001:2013 A.8.1.1, A.8.1.2
- NIST SP 800-53 Rev. 4 CM-8, PM-5





