Governance & Compliance Monitors

Track and resolve governance-related compliance checks in Sprinto, including risk assessments and management workflows.

The Governance & Compliance Monitors section helps you track organisational and policy-level controls that are not directly tied to cloud infrastructure or user identity providers. These checks typically align with:

Risk governance
Policy enforcement
Compliance program oversight

They are designed to ensure that your organisation follows a structured, repeatable approach to identifying risks, assigning responsibilities, and maintaining up-to-date security documentation.

What does Sprinto monitor here?

Sprinto automatically evaluates whether your organisation is:

Check Type

Description

Periodic Risk Assessment

Checks if your Risk Register is updated regularly and new risks are assessed.

Risk Owner Assignment

Verifies if each documented risk has a designated owner.

Risk Treatment Updates

Detects whether mitigation plans or accepted risks are outdated.

Policy Acknowledgment

(Planned) Tracks if teams have acknowledged key policies in Sprinto.

Key Checks and How to Resolve

1. Resolve Sprinto Check for Periodic Risk Assessment

Go to: Risk Register in Sprinto
Update stale risks or add new ones
Assign owners and update statuses
Upload evidence via the Risk Register or as supporting docs

Who is responsible for these checks?

Role

Responsibility

Compliance Officer

Coordinates the overall risk assessment process

Risk Owners

Maintain individual risks and mitigation progress

Infosec / GRC Teams

Provide oversight, alignment with frameworks, and reviews

Sprinto Admin

Uploads evidence and updates the platform accordingly

Evidence Examples

Screenshots of updated risks in Sprinto
PDF summary of your latest risk workshop
Uploaded trackers showing risk prioritisation
Audit logs of changes to risk entries

Upcoming Additions (Coming Soon)

Policy acknowledgment tracking
Policy-to-risk mapping monitors
Escalation workflows for overdue risks

Glossary

Term

Definition

Risk Register

A list of known risks, their impact/likelihood, and current status

Risk Owner

The person responsible for managing or mitigating a particular risk

Treatment Plan

Strategy for accepting, mitigating, or transferring a risk

PreviousAssign Roles for Sprinto Workflow Actions NextHow to resolve Sprinto check for periodic risk assessment

Last updated 5 months ago

hashtagWhat does Sprinto monitor here?

hashtagKey Checks and How to Resolve

hashtagWho is responsible for these checks?

hashtagEvidence Examples

hashtagUpcoming Additions (Coming Soon)

hashtagGlossary