Glossary of Compliance
Compliance Glossary
Our list of curated compliance glossary offers everything you to know about compliance in one place.
Right of Information
Right of information gives individuals the right to be informed about how their personal data is collected and used by the controller. If the data is directly obtained, the concerned person must be informed at the time of obtaining the data. If the data is not directly obtained, the concerned person must be informed within a reasonable period of time; not later than a month.
Additional reading
NIST Password Guidelines: 11 Rules to Follow (Latest Version Updated)
TL,DR: NIST password guidelines emphasize stronger, user-friendly authentication practices. Recommended practices include long passwords, blocklists, MFA, and avoiding unnecessary forced resets. Businesses should align password policies with usability, security, and continuous monitoring. Passwords have always been a contentious topic within the cybersecurity world and among everyday users. No one enjoys understanding the complex rules or…
Standard Contractual Clauses: A Guide for International Data Transfers
TL,DR: Standard Contractual Clauses support lawful international data transfers under GDPR requirements. They define obligations between data exporters and importers when personal data moves across borders. Businesses should review transfer risks, contracts, safeguards, and vendor responsibilities. Data is sensitive, and ensuring the integrity and security of the personal data of the citizens of the European…
Internal Control Deficiencies – How to Evaluate Effectively
TL,DR: Internal control deficiencies are problems or misconfigurations that lead to non-compliance, inefficiency, and misreporting over time. Three types exist: preventive (stop events), detective (identify during occurrence), and corrective (rectify issues found) Deficiencies are classified by severity: control deficiency (cannot prevent misstatements), significant deficiency (materially increased risk), and material weakness (reasonable possibility of undetected material…

Sprinto: Your growth superpower
Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.





