# Glossary This glossary defines key terms used across the Policies module in Sprinto.
TermDefinition
PolicyA formal rule or requirement that governs organisational behaviour, security, or operations.
ProcedureA step-by-step guide that outlines how to implement a policy.
DocumentA general artefact that supports compliance, such as audit reports, charters, or ISMS scope documents.
DraftThe initial stage of a document. Drafts can be edited, reviewed, and submitted for approval.
Pending approvalIndicates that a policy has been submitted for approval but is not yet active.
ActiveA policy that has been approved and is available to employees for acknowledgement.
DisabledA policy that has been deactivated and is no longer visible to employees.
ReviewerA user who can leave comments on a draft policy but cannot approve or edit it.
ApproverA user authorised to approve a policy and move it to the active state.
VersionA tracked iteration of a policy, created when changes are made after activation.
ControlA specific compliance requirement that a policy helps satisfy.
Control mappingThe process of linking a policy to one or more compliance controls for audit purposes.
Sprinto templateA prebuilt, editable policy document aligned with specific frameworks (e.g. SOC 2, ISO 27001).
LibraryA repository of standard documents that can be added to your organisation’s policy set.
AcknowledgementAn employee’s confirmation that they have read and understood a given policy.
SyncThe process of importing documents from Confluence or SharePoint into Sprinto.
MonitoringThe dashboard used to track the health and compliance status of policies and tasks.