NIST CSF Core Functions

The NIST Cybersecurity Framework (NIST CSF) comprises five core functions – Identify, Protect, Detect, Respond, and Recover. These functions offer guidelines that help industries, governments, agencies, and organizations of all sizes, sectors, and maturity levels manage their cybersecurity risks effectively. These are further divided into five categories and subcategories. Let's understand each of these:

Identify (ID): Involves understanding the current risk status of organizational assets like people, facilities, systems, hardware, and software. Categories: ID.AM (Asset Management), ID.BE (Business Environment), ID.GV (Governance), ID.RA (Risk Assessment), ID.RM (Risk Management Strategy).
Protect (PR): Aids in securing identified assets by reducing the likelihood and impact of cybersecurity threats while enhancing opportunities. Categories: PR.AC (Access Control), PR.AT (Awareness and Training), PR.DS (Data Security), PR.IP (Information Protection Processes and Procedures), PR.MA (Maintenance), PR.PT (Protective Technology).
Detect (DE): Helps teams discover and analyze anomalies and threat indicators that signal an ongoing or previous attack. Categories: DE.AE (Anomalies and Events), DE.CM (Security Continuous Monitoring), DE.DP (Detection Processes).
Respond (RS): Supports actions that help mitigate and contain damages caused by a security attack. Categories: RS.RP (Response Planning), RS.CO (Communications), RS.AN (Analysis), RS.MI (Mitigation), RS.IM (Improvements).
Recover (RC): Restores operations that have been affected to ensure business recovery and continuity. Categories: RC.RP (Recovery Planning), RC.IM (Improvements), RC.CO (Communications).
