Frequently Asked Questions

Find answers to common questions about managing reviews, roles, and compliance workflows in Sprinto.

This article addresses common questions related to performing, managing, and monitoring compliance reviews in Sprinto.

1. What are the different types of reviews in Sprinto?

Sprinto supports two main types of reviews:

Senior Management Reviews – Automatically triggered based on compliance framework SLAs (e.g. policy, risk, org structure, vendor reviews).
Workflow Checks – Custom review processes created manually (e.g. internal audits, PCI DSS reviews, board evaluations).

2. Who is responsible for completing reviews?

Infosec Officers perform tasks such as internal audits, risk assessments, and policy drafting.
Senior Management reviews and approves these actions periodically.
Assigned Stakeholders handle custom workflow checks as defined by the organisation.

3. How do I know when a review is due?

Sprinto highlights review status as:

Due – Needs attention, but still within the SLA window.
Critical – Due in 7 days or fewer.
Failing – Overdue and non-compliant.
Passing – Completed successfully.

Email notifications are also sent to the assigned reviewer when a check is triggered.

4. What happens if a review is overdue?

The review status changes to Failing, and Sprinto continues to flag it until resolved. Overdue reviews may be escalated during audits or internal compliance checks.

5. Can I upload evidence later if I forgot during review submission?

Yes. Navigate to Reviews > Workflow checks, find the check, click Manage, and upload the evidence.

6. How do I mark a check as not applicable?

Click Manage on the relevant workflow check and select Mark as special case. Provide a reason (e.g. vendor deactivated, audit deferred), and Sprinto will log the exception.

7. Can I disable or archive workflow checks?

Yes. Under the Workflow checks tab, click Manage on the check and then Disable. The check will move to the Disabled tab.

8. How do I view past reviews?

Click View completed reviews on any review card to see who submitted it, when it was completed, and any attached evidence or comments.

9. What file formats are supported for evidence upload?

Sprinto accepts the following formats:

PDF, DOCX, CSV, XLSX
PNG, JPEG

Maximum size per upload: 25 MB or 25 files.

10. Do I need to assign roles before performing reviews?

Yes. Roles such as Infosec Officer and Senior Management must be assigned from Security Hub > People > Infosec roles before relevant checks can be performed.

PreviousFilter, Track, and View Review History NextGlossary

Last updated 7 months ago

hashtag1. What are the different types of reviews in Sprinto?

hashtag2. Who is responsible for completing reviews?

hashtag3. How do I know when a review is due?

hashtag4. What happens if a review is overdue?

hashtag5. Can I upload evidence later if I forgot during review submission?

hashtag6. How do I mark a check as not applicable?

hashtag7. Can I disable or archive workflow checks?

hashtag8. How do I view past reviews?

hashtag9. What file formats are supported for evidence upload?

hashtag10. Do I need to assign roles before performing reviews?