Glossary of Compliance

Compliance Glossary

Our list of curated compliance glossary offers everything you to know about compliance in one place.

Glossary » ISO 27001 » BCP Testing

BCP Testing

Business Continuity Planning (BCP) is the procedure of creating preventive and recovery systems to counter potential cyber threats to an enterprise or to ensure process continuity in the case of a cyberattack. BCP’s secondary goal is to make sure operational continuity before as well as during the execution of disaster recovery.

The planning entails personnel and asset protection, thus ensuring a swift recovery of operations in the event of an attack or loss of data. In short, the basic business continuity requirement is to keep necessary functions up and running in the event of a disaster and to be able to recover with as little downtime as possible. A business continuity plan also considers various unpredictable events, such as natural disasters, disease outbreaks, fires, cyberattacks, and other external threats.

Additional reading

A Guide to ISO 27003 and the ISMS Implementation Process

The ISO 27000 family of standards is an internationally recognized set of guidelines to help organizations implement, improve, or certify their information security. ISO /IEC 27001 is the central standard on which a number of supporting standards are outlined – such as ISO 27003.  In this article, we discuss what ISO 27003 is, its importance,…

Penetration Testing Methodologies and Testing Stages

TL,DR: Penetration testing methodology is the structured process of testing web applications, computer systems, or networks to identify security vulnerabilities that attackers can exploit, using automated tools or manual techniques Five main types exist: blind testing (no prior knowledge), targeted testing (collaborative between tester and organization), external testing (internet-facing assets), internal testing (simulating insider threats),…

IT GRC (Governance, Risk, & Compliance) For Scaling Businesses

As businesses grow, so does their investment in IT. This means areas like data analytics, cloud infrastructure, and cybersecurity need to expand quickly to meet rising demand. However, with all this growth there also comes a need for a strong framework to keep everything secure and compliant.  That’s where Governance, Risk, and Compliance (GRC) comes…

Sprinto: Your growth superpower

Use Sprinto to centralize security compliance management – so nothing
gets in the way of your moving up and winning big.

Contact sales