Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » GDPR » User-Managed Access

User-Managed Access

User-Managed Access, or UMA, enables your employees and customers a convenient way to regulate who gets access to personal data, under what circumstances, and for how long.

Additional reading

What Are GRC Processes? A complete Guide

TL,DR: GRC processes connect governance, risk, and compliance work through shared controls, evidence, and reporting. The article covers COSO, COBIT, ISO 31000, and the Learn, Align, Perform, Review cycle. Use it to reduce duplicate work, improve audit readiness, and make risk decisions faster. A compliance team spends weeks preparing for a SOC 2 audit while…

TISAX Explained: Understanding Scope, Impact, and the Certification

TL,DR: TISAX is an automotive security assessment standard for protecting sensitive supply-chain information. It applies to OEMs, suppliers, and service providers, with three assessment levels based on data sensitivity. Certification requires ENX registration, preparation, external assessment, remediation, and ongoing security maturity. The automotive industry is accelerating toward a future of autonomous vehicles, robotaxis, and connected…

HIPAA Disaster Recovery Plans: Ensuring Compliance and Continuity in Healthcare Operations

TL,DR: A HIPAA disaster recovery plan guides organizations to restore assets and secure ePHI following a disaster. The Security Rule requires 5 contingency elements: data backup, disaster recovery, emergency mode operations, testing procedures, and criticality analysis Data backup mandates processes to retrieve exact ePHI copies. Disaster recovery mandates restoration procedures. Emergency mode mandates maintaining critical…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.