How it Works
Understand how Sprinto’s Frameworks section works, from enabling a framework to monitoring compliance readiness.
The Frameworks section helps you enable and manage compliance standards within Sprinto. It breaks your compliance journey into clear steps—starting from framework selection and scope definition to control mapping and continuous monitoring.
Step 1: Enable a framework
Navigate to Compliance > Frameworks from the left navigation.
Choose from standard frameworks (such as SOC 2, ISO 27001, PCI DSS, or regional regulations) or create a custom framework.
Once enabled, the framework appears on your dashboard with readiness indicators.
Step 2: Review criteria
Each framework is organised into criteria representing specific compliance requirements.
The scope status (In scope or Not in scope) determines whether the criterion applies to your organisation.
Select a criterion to view its description and any linked controls.
Step 3: Map controls to criteria
Controls are the actions, policies, or configurations that fulfil a criterion.
You can map:
Automated checks – System-run checks to validate compliance (e.g., encryption enabled).
Workflow checks – Manual steps that require review or evidence from your team.
The same control can be reused across multiple criteria in different frameworks.
Step 4: Manage scope
Use the Manage scope option within a criterion to include or exclude it from your compliance plan.
Exclude criteria that are not relevant to your business or regulatory requirements.
Step 5: Monitor progress
Your framework readiness percentage updates as mapped controls pass verification.
Automated checks run continuously, and workflow checks prompt assigned staff when action is needed.
Failing checks are flagged for remediation to maintain readiness.
Step 6: Update control mappings
To change control mappings, click Manage next to the mapped controls list in a criterion.
Uncheck controls you want to unmap and save your changes.
This flexibility helps align controls with evolving compliance requirements.
Step 7: Audit and reporting
Export readiness reports for auditors or share them with stakeholders.
Continuous monitoring ensures that compliance status remains transparent and up-to-date.
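As an added illustration of how Steps 3 to 5 fit together (not Sprinto's code or its actual readiness formula), the model below shows one control reused by two frameworks, a criterion excluded via Manage scope, and a failing workflow check queued for remediation. The readiness formula, the control and criterion names, and the sample data are all assumptions constructed for this example.

```python
# Illustrative readiness model: an assumption for this example, not Sprinto's own code or formula.
from dataclasses import dataclass, field

AUTOMATED, WORKFLOW = "automated", "workflow"

@dataclass
class Control:
    name: str
    kind: str              # AUTOMATED (system-run) or WORKFLOW (manual, needs evidence)
    passing: bool = False

@dataclass
class Criterion:
    name: str
    in_scope: bool = True  # toggled via "Manage scope" in the UI
    controls: list = field(default_factory=list)  # Control objects, shared across frameworks

@dataclass
class Framework:
    name: str
    criteria: list

def criterion_satisfied(c):
    # A criterion counts only when it has controls and every mapped control passes.
    return bool(c.controls) and all(ctl.passing for ctl in c.controls)

def readiness(fw):
    """Percent of in-scope criteria satisfied (assumed formula; out-of-scope criteria ignored)."""
    scoped = [c for c in fw.criteria if c.in_scope]
    if not scoped:
        return 0.0
    return round(100.0 * sum(criterion_satisfied(c) for c in scoped) / len(scoped), 1)

def remediation_queue(fw):
    """Failing controls on in-scope criteria, split by who must act (system vs. assigned staff)."""
    queue = {AUTOMATED: set(), WORKFLOW: set()}
    for c in fw.criteria:
        for ctl in c.controls:
            if c.in_scope and not ctl.passing:
                queue[ctl.kind].add(ctl.name)
    return {k: sorted(v) for k, v in queue.items()}

# Constructed sample data: two controls reused by both frameworks.
encryption = Control("Disk encryption enabled", AUTOMATED, passing=True)
access_review = Control("Quarterly access review", WORKFLOW)   # evidence not yet submitted
soc2 = Framework("SOC 2", [
    Criterion("Logical access", controls=[access_review]),
    Criterion("Data at rest", controls=[encryption]),
    Criterion("Vendor risk", in_scope=False)])                  # excluded via Manage scope
iso = Framework("ISO 27001", [Criterion("Cryptography", controls=[encryption]),
                              Criterion("Access rights", controls=[access_review])])
```

Once the assigned staff complete the access review and mark it passing, both frameworks move to 100% without any re-mapping, because the control object is shared; bringing the excluded criterion back into scope lowers readiness until it has passing controls of its own.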