Glossary

Policy

A formal rule or requirement that governs organisational behaviour, security, or operations.

Procedure

A step-by-step guide that outlines how to implement a policy.

Document

A general artefact that supports compliance, such as audit reports, charters, or ISMS scope documents.

Draft

The initial stage of a document. Drafts can be edited, reviewed, and submitted for approval.

Pending approval

Indicates that a policy has been submitted for approval but is not yet active.

Active

A policy that has been approved and is available to employees for acknowledgement.

Disabled

A policy that has been deactivated and is no longer visible to employees.

Reviewer

A user who can leave comments on a draft policy but cannot approve or edit it.

Approver

A user authorised to approve a policy and move it to the active state.

Version

A tracked iteration of a policy, created when changes are made after activation.

Control

A specific compliance requirement that a policy helps satisfy.

Control mapping

The process of linking a policy to one or more compliance controls for audit purposes.

Sprinto template

A prebuilt, editable policy document aligned with specific frameworks (e.g. SOC 2, ISO 27001).

Library

A repository of standard documents that can be added to your organisation’s policy set.

Acknowledgement

An employee’s confirmation that they have read and understood a given policy.

Sync

The process of importing documents from Confluence or SharePoint into Sprinto.

Monitoring

The dashboard used to track the health and compliance status of policies and tasks.