Glossary of Compliance
Compliance Glossary
Our list of curated compliance glossary offers everything you to know about compliance in one place.
NIST CSF Informative References
Informative references in NIST CSF are the sources that help to achieve a particular requirement. These sources are mapped to other guidelines, frameworks, or practices that are common among all sectors.
For example, the Identify function in NIST CSF includes the subcategory that requires users to build an inventory for their physical devices and systems. The informative references for achieving this include the following:
- CIS CSC 1
- COBIT 5 BAI09.01, BAI09.02
- ISA 62443-2-1:2009 4.2.3.4
- ISA 62443-3-3:2013 SR 7.8
- ISO/IEC 27001:2013 A.8.1.1, A.8.1.2
- NIST SP 800-53 Rev. 4 CM-8, PM-5
Additional reading
ISO 27001 Acceptable Use Policy: Requirements, Template, and Best Practices
Scaling a fast-growing tech company comes with invisible risks. As new people, devices, and apps flood your environment, the chances of misuse, accidental data leaks, or non-compliance skyrocket. Founders and compliance leaders often discover too late that while technical controls are in place, one unclear policy, or worse, no policy at all, can derail an…
What is Internal Audit Software and Why Use It?
When issues arise in an external audit, the first question that top management asks is if these issues were highlighted during an internal audit. It automatically suggests a failure to address potential weaknesses that were identified earlier in the process. Internal audits are a crucial component of the certification process. However manual methods of filling…
What are Metrics & KPIs in Cybersecurity – Detailed Guide
As a seasoned security professional, you understand the struggles of convincing the board to approve an increase in the cybersecurity budget or obtain that data privacy compliance certification. You are also familiar with the perplexed faces of non-technical stakeholders when you’re emphasizing the importance of cybersecurity best practices. Edwards Heming aptly states, “Without data, you’re…
Sprinto: Your growth superpower
Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.
