Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Follow us


SOC 2 is the most sought after security framework for scaling SaaS companies. Keep up-to-date with the latest SOC 2 terms.

ISO 27001

ISO 27001 is considered the international gold standard for information security management. Want to learn more? Get familiar with ISO 27001 terms.


HIPAA compliance keeps companies that access, process, or store protected health information in check. Find out commonly used HIPAA terminology.


PCI DSS applies to businesses that accept, process, store, transmit, or impact the security of cardholder data. Keep updated on PCI DSS terms.

Showing search results for:

NIST Cybersecurity Framework (CSF)

NIST CSF is a cybersecurity framework designed by US-based National Institute of Standards and Technology.

California Consumer Privacy Act (CCPA)

The California Consumer Privacy Act is a state statute passed in 2018 that gives California residents new data privacy rights and requires compliance from for-profit business entities.

General Data Protection Regulation (GDPR)

The GDPR governs the collection, processing, consent, and distribution of personal information to ensure that EU citizens have more control of personal data.

Service Provider

A service provider is involved in the processing, storage, and transmission of a credit card holder's data.

Cardholder Data (CHD)

Cardholder data is any information on a customer's payment card.

Qualified Security Assessor (QSA)

Qualified Security Assessor is an organization or individual that compliance auditing.

Cardholder Data Environment (CDE)

Cardholder Data Environment (CDE) includes all the people and technologies that can impact the security of cardholder data.

Attestation of Compliance (AOC)

Attestation of Compliance (AOC) is the documentation that validates the compliance status of an organization.

Report on Compliance (ROC)

Learn about a Report on Compliance (ROC) and how they are obtained.

Self-Assessment Questionnaire (SAQ)

A Self-Assessment Questionnaire is a way for merchants and service providers to validate PCI compliance.

No results found 🤷

Get compliant and
build trust, fast.

Two wind turbines on a white background.
Get compliant and build trust,
Get started