Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » GDPR » Subject Access Request

Subject Access Request

Under the Right of Access, a data subject (individual) can raise a written or verbal Subject Access Request (SAR) that grants them access to their information and allows them to understand if their information is being processed or not. Data processors will be required to fulfill SARs within a month of them being raised and in a format that is secure and easily understandable, accessible, and concise. Data processors can deny such requests if exceptions or restrictions are in effect. A third party may, with the right form of consent and permission, raise an SAR on behalf of a data subject.

Additional reading

ISO 27001 Policy Template: Key Sections & Free PDF

TL,DR: ISO 27001 policy templates help document security expectations and risk-management responsibilities. Common templates cover access control, incident response, asset management, and business continuity. Each policy should define purpose, scope, roles, risk treatment, and training expectations. Implementing ISO 27001 can feel like staring at a blank page with a looming deadline. Defining security controls, documenting…

A Quick Guide to SOC 2 Vendor Management

TL;DR SOC 2 vendor management evaluates and monitors third-party vendors against security and compliance standards outlined by SOC 2’s trust service principles. Vendors under SOC 2 include cloud service providers, IT infrastructure providers, data processors, software providers, and any external party that accesses or stores customer data on behalf of the reporting entity The process…

Sprinto vs Scrut vs Secureframe: Which compliance platform should you choose?

All three platforms will get you through a first SOC 2 or ISO 27001 audit, and all three have happy customers who say so on G2. The real differences show up later: when you add a second or third framework, when a control drifts between audits, and when your renewal lands and you ask whether the price still buys you actual work. This guide separates what each platform does (from vendor docs) from what it’s like to live with (from customer reviews), so you can pick on fit instead of feature-list length.

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.