# Frequently Asked Questions

This article addresses common questions related to performing, managing, and monitoring compliance reviews in Sprinto.

***

### 1. What are the different types of reviews in Sprinto?

Sprinto supports two main types of reviews:

* **Senior Management Reviews** – Automatically triggered based on compliance framework SLAs (e.g. policy, risk, org structure, vendor reviews).
* **Workflow Checks** – Custom review processes created manually (e.g. internal audits, PCI DSS reviews, board evaluations).

***

### 2. Who is responsible for completing reviews?

* **Infosec Officers** perform tasks such as internal audits, risk assessments, and policy drafting.
* **Senior Management** reviews and approves these actions periodically.
* **Assigned Stakeholders** handle custom workflow checks as defined by the organisation.

***

### 3. How do I know when a review is due?

Sprinto highlights review status as:

* **Due** – Needs attention, but still within the SLA window.
* **Critical** – Due in 7 days or fewer.
* **Failing** – Overdue and non-compliant.
* **Passing** – Completed successfully.

Email notifications are also sent to the assigned reviewer when a check is triggered.

***

### 4. What happens if a review is overdue?

The review status changes to **Failing**, and Sprinto continues to flag it until resolved. Overdue reviews may be escalated during audits or internal compliance checks.

***

### 5. Can I upload evidence later if I forgot during review submission?

Yes. Navigate to **Reviews > Workflow checks**, find the check, click **Manage**, and upload the evidence.

***

### 6. How do I mark a check as not applicable?

Click **Manage** on the relevant workflow check and select **Mark as special case**. Provide a reason (e.g. vendor deactivated, audit deferred), and Sprinto will log the exception.

***

### 7. Can I disable or archive workflow checks?

Yes. Under the **Workflow checks** tab, click **Manage** on the check and then **Disable**. The check will move to the **Disabled** tab.

***

### 8. How do I view past reviews?

Click **View completed reviews** on any review card to see who submitted it, when it was completed, and any attached evidence or comments.

***

### 9. What file formats are supported for evidence upload?

Sprinto accepts the following formats:

* PDF, DOCX, CSV, XLSX
* PNG, JPEG

Maximum size per upload: 25 MB or 25 files.

***

### 10. Do I need to assign roles before performing reviews?

Yes. Roles such as **Infosec Officer** and **Senior Management** must be assigned from **Security Hub > People > Infosec roles** before relevant checks can be performed.