Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » NIST » NIST Framework Profile

NIST Framework Profile

A NIST Framework Profile is an organization-specific configuration of the NIST Cybersecurity Framework (CSF) based on its business requirements, goals, and appetite for risks.

Thus, it functions as an adaptation of how such an organization applies the five functional models of the framework – Identify, Protect, Detect, Respond, and Recover.

There are two ways a profile can be used:

Current profile: The current cybersecurity controls are already implemented in the organization, a fact which is illustrated in this paper.
Target profile: Describes what the goals require the cybersecurity posture to become in the future.

The difference between current and target profile will help organizations to define security weaknesses, determine what steps should be taken first, and to create an actionable plan to enhance their security policies. NIST Framework Profile can be adapted to accommodate businesses of any size or type so that all can improve their cybersecurity posture.

Additional reading

Blogs HIPAA

How to Comply with the HIPAA Minimum Necessary Rule

Much of the administrative simplification rule of HIPAA focuses on preventing unauthorized disclosure of protected health information (PHI). A good practice that helps to protect PHI is applying the HIPAA minimum necessary rule standard. This article details what this rule entails, how it works, cases where it is not applicable, and what happens when you…

Corporate Compliance: What is it And Why it’s Important

Corporate compliance—it’s one of those terms that gets thrown around a lot, but what does it really mean, and why should businesses care? For many organizations, compliance feels like a checklist of rules to follow, but in reality, it’s so much more. Corporate compliance law is the systematic approach companies employ to ensure adherence to…

Blogs

Building Stronger Partnerships: Vendor Management Lifecycle Explained

In a recent Gartner survey, 84% of risk committee members reported that gaps in third-party risk management significantly disrupted their business operations. This statistic underscores the critical importance of adopting a structured process to manage risks and operations associated with external vendors. For organizations relying on third-party vendors for essential business functions, establishing and maintaining…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.

Contact sales