Glossary of Compliance

Our curated compliance glossary offers everything you need to know about compliance in one place.

NIST CSF Informative References

Informative references in the NIST CSF are the sources that help to achieve a particular requirement. These sources are mapped to other guidelines, frameworks, or practices that are common among all sectors.

For example, the Identify function in the NIST CSF includes a subcategory that requires users to build an inventory of their physical devices and systems. The informative references for achieving this include the following:

  • CIS CSC 1 
  • COBIT 5 BAI09.01, BAI09.02 
  • ISA 62443-2-1:2009 4.2.3.4 
  • ISA 62443-3-3:2013 SR 7.8 
  • ISO/IEC 27001:2013 A.8.1.1, A.8.1.2 
  • NIST SP 800-53 Rev. 4 CM-8, PM-5
