Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » NIST » NIST CSF Informative References

NIST CSF Informative References

Informative references in NIST CSF are the sources that help to achieve a particular requirement. These sources are mapped to other guidelines, frameworks, or practices that are common among all sectors. 

For example, the Identify function in NIST CSF includes the subcategory that requires users to build an inventory for their physical devices and systems. The informative references for achieving this include the following: 

  • CIS CSC 1 
  • COBIT 5 BAI09.01, BAI09.02 
  • ISA 62443-2-1:2009 4.2.3.4 
  • ISA 62443-3-3:2013 SR 7.8 
  • ISO/IEC 27001:2013 A.8.1.1, A.8.1.2 
  • NIST SP 800-53 Rev. 4 CM-8, PM-5

Additional reading

PCI Vulnerability Scan

PCI Vulnerability Scan 101: All You Need to Know

All small business owners and merchants need to accept credit card payments when performing transactions regularly. However, there are inherent data security risks to manage and mitigate if you handle customer credit card information. The Payment Card Industry Data Security Standards (PCI DSS) must be followed by all companies that take credit cards. To protect…
hipaa violations

HIPAA Violation: Understanding the Risks and Penalties

If you’re in the healthcare industry, it’s important that you pay attention to the Health Insurance Portability and Accountability Act (HIPAA) because breaking its rules could land you in some serious trouble. You’re looking at hefty fines, at the very least. The more serious cases can lead to prison sentences.  The Department of Health and…
ISO 27001 Checklist

ISO 27001 Checklist (Download Free Template)

ISO 27001 is the world’s gold standard for ensuring the security of information and its supporting assets. By obtaining ISO 27001 certification, an organization can demonstrate its security procedures to potential clients anywhere in the world. Our ISO 27001 checklist serves as a comprehensive guide to help you implement and manage your ISMS. Using an…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.