Glossary of Compliance

Compliance Glossary

Our curated compliance glossary offers everything you need to know about compliance in one place.


Right To Access

According to Article 15 of the GDPR, every individual has the right to access the personal data held about them and the details of how it is processed. This right forms the basis on which every other right under the GDPR is exercised. Fulfilling it happens in two distinct stages. First, the data controller determines whether any information about the data subject is being held or processed at that point in time. If so, the controller must provide the data subject with information that includes, but is not limited to, whether and how their data is being used, the recipients of that data, and the duration of storage.

Additional reading

Understanding Global Privacy Control (GPC): What It Is and Why It Matters

TL;DR: Global Privacy Control (GPC) is a universal browser-level signal allowing users to opt out of data sharing or selling across all websites at once, rather than managing consent on each individual site. 63% of global consumers question corporate data transparency (Tableau). GPC is supported by Firefox, Brave, Privacy Badger, and DuckDuckGo. Chrome does not…

FISMA Requirements: List of Official Mandates and Practices

TL;DR: FISMA requires federal agencies and contractors to develop, document, and maintain security programs through 7 core activities: system inventory, risk categorization, baseline controls, risk assessments, security plans, certification/accreditation, and continuous monitoring. Agency officials and CIOs must report annual reviews to the OMB. FISMA references FIPS 199 (categorization), FIPS 200 (minimum requirements), NIST SP 800-53…

Penetration Testing Methodologies and Testing Stages

TL;DR: Penetration testing methodology is the structured process of testing web applications, computer systems, or networks to identify security vulnerabilities that attackers can exploit, using automated tools or manual techniques. Five main types exist: blind testing (no prior knowledge), targeted testing (collaborative between tester and organization), external testing (internet-facing assets), internal testing (simulating insider threats),…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing gets in the way of your moving up and winning big.