Setup Guide
A step-by-step guide to getting started with Sprinto—set up your account, configure governance, build a security programme, and manage risks for complete compliance readiness.
Kick-start your compliance journey with Sprinto in four simple steps. This guide walks you through the essential setup actions to get your organisation up and running quickly. You’ll configure your account, set up governance, build your data security programme, and manage risks—ensuring a strong foundation for ongoing compliance.
Before you begin
Ensure you’ve signed up for Sprinto and received your account activation email.
Add the right stakeholders as Sprinto admins. We recommend:
People – HR representative
Infrastructure, Vulnerabilities, Change management – Infrastructure admin
Risks, Asset Register – Compliance officer
Reviews – Compliance officer, senior management
Keep your compliance frameworks in mind—these will guide the configurations you enable.
Step 1: Configure your Sprinto account
Log in to Sprinto
Use the sign-up link to access the admin portal. Log in with your credentials.
On first login, Sprinto will prompt you to set up your account.
Set up your company profile
Upload your company logo (256 x 256 px, .png or .jpg, max 2 MB).
Enter your display name (used in policies and documents) and legal name (used in audits and official letters).
Invite admin users
Add email addresses of admin users and click Invite & Proceed.
Invitees will receive a welcome email with their login details.
Enable compliance frameworks
Select the frameworks you want to enable.
Click View to review security controls, then Add controls to enable them.
Step 2: Set up staff and organisational governance
People
Add staff members via service integrations or manual entry (bulk upload or individual).
Assign security roles to define responsibilities. You can also create custom roles if needed.
Policies
Create policies using Sprinto templates, upload your own, or draft them using the built-in editor.
Optionally, sync policies from Confluence.
Send policies for approval once finalised.
Security trainings
Use Sprinto or integrate an external training provider.
Create and manage training campaigns for staff.
Device management
Use Dr. Sprinto for device health reporting or integrate a third-party MDM solution.
Staff onboarding
Configure onboarding workflows after adding staff, policies, and training.
Track onboarding progress and send reminders if needed.
Step 3: Build your data security programme
Access
Add critical access systems automatically (ACAS) or manually (MCAS).
Configure access controls, or integrate IAM tools for easier management.
Infrastructure
Integrate infrastructure services for automated monitoring, or set up workflow checks for manual monitoring.
Classify resources—only Production-classified assets are monitored for compliance.
Change management
Add code repositories, ticketing systems, or manual workflow checks.
Review and classify repositories.
Vulnerabilities
Integrate a vulnerability monitoring source or manage manually.
Review and close reported vulnerabilities.
Incidents
Use Sprinto or integrate an external system for incident management.
Review, manage, and report incidents.
Step 4: Identify and mitigate risks
Risk assessment
Add risks from the Sprinto library or manually.
Score risks and map mitigation plans.
Vendor management
Add vendors using the vendor library, CSV upload, or vendor discovery (SSO-based).
Perform due diligence for high-risk vendors.
Additional areas
Trust Centre – Showcase your compliance posture publicly.
Security Questionnaires – Maintain a centralised knowledge hub for customer questionnaires.
Support
Need help?
Visit our Support Centre
Last updated