Glossary

Definitions of key terms used in the Frameworks section of Sprinto.

This glossary explains the key terms used in the Frameworks section to help you understand and use the feature effectively.

| Term | Definition |
| --- | --- |
| Framework | A structured set of compliance requirements, such as SOC 2, ISO 27001, PCI DSS, or a custom framework. Used to guide and measure compliance readiness. |
| Criterion (Criteria) | An individual compliance requirement within a framework. Criteria are linked to controls for evidence collection and monitoring. |
| Enabled Frameworks | Frameworks that are currently active in your account and contribute to compliance tracking. |
| Available Frameworks | Frameworks that are not yet enabled but can be added to your compliance setup. |
| Control | A specific action, process, or configuration that satisfies a compliance requirement. Can be automated or workflow-based. |
| Automated Check | A system-run validation to confirm compliance (for example, checking if encryption is enabled). |
| Workflow Check | A manual verification process requiring evidence submission or review by assigned staff. |
| Scope | Indicates whether a criterion is applicable (In scope) or not applicable (Not in scope) to your organisation. |
| Readiness | The percentage indicating how much of a framework’s in-scope criteria are satisfied by mapped controls and passing checks. |
| Map Controls | The process of linking relevant controls to a framework’s criteria to satisfy compliance requirements. |
| Unmap Controls | The process of removing linked controls from a criterion. |
