Glossary

Understand common compliance terms and Sprinto-specific concepts used in the Monitors section with this complete glossary.

This glossary explains key terms used in Sprinto’s Monitors section. It includes technical concepts, compliance-related actions, and terminology specific to Sprinto workflows.

| Term | Definition |
| --- | --- |
| Monitor | A compliance check that validates a control, either automatically or manually. |
| Workflow Check | A manual compliance control that requires human verification or evidence upload. |
| Failing | The monitor is not compliant with the control’s expected configuration or policy. |
| Passing | The monitor is compliant with the expected control and requires no action. |
| Pending Evidence | The monitor requires uploaded documentation to confirm compliance. |
| Not in Scope | A user or asset has been marked as out of the control’s applicability. |
| Mark as Resolved | The action used to manually confirm that a failing monitor has been addressed. |
| Dr. Sprinto | A device-level agent used to monitor endpoint compliance (e.g., screen lock, OS updates). |
| Decisioning | The process of marking users or resources as in-scope or excluded from checks. |
| Employee Portal | A user-facing interface for completing tasks like device health reports or confirming compliance actions. |
| Evidence Upload | The process of submitting screenshots, documents, or exports to prove compliance. |
| Root User | A superuser account on platforms like AWS or GitHub that requires strict controls (e.g., MFA). |
| Critical System | A system with access to sensitive data or infrastructure, subject to stricter controls. |
| Point-in-Time Recovery (PITR) | A backup method that allows restoring data to a specific time in the past. |
| Access Review | A review of user permissions to ensure access is aligned with roles and responsibilities. |
| Screen Lock Enforcement | A system policy requiring automatic screen lock after a period of inactivity. |
| Branch Protection Rule | A source control rule that prevents direct changes to production branches without review. |
| Dependabot Alerts | GitHub-native security alerts about vulnerabilities in software dependencies. |
| Encryption Key Management | The process of securely creating, storing, and rotating cryptographic keys. |
| CloudTrail | AWS’s audit logging service that tracks account activity and API usage. |
| Flow Logs | Logs of network traffic for cloud services like AWS VPC, Azure NSG, or GCP VPC. |
| Registry Policy | A Windows system setting defined through the registry to enforce security policies. |
| gpupdate | A Windows command that forces group policy refresh, often used to apply security changes. |
| Service Account | A non-human account used for automation or application access; often excluded from user-level controls. |
| Evidence Trail | The collection of artefacts and logs that demonstrate how controls were implemented. |
| Change Management | A formal process to track, approve, and log changes to systems or processes. |
| Disaster Recovery (DR) | A documented strategy and set of actions to restore systems and data after an outage. |
