Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters

What is compliance risk management?

Risk management describes the process of proactively identifying potential risks, analyzing those risks, and taking precautions to minimize risks; compliance risk management describes an organization’s process of managing the risk of non-compliance with pertinent regulations. Because compliance risk management looks different for different companies, each company should develop an appropriate compliance risk management program that is designed to suit its specific business processes and regulatory compliance concerns.

Taking into consideration the speed at which business changes and the variety of regulations with which businesses must ensure their compliance — including SOC 2, GDPR, HIPAA, ISO, and other rules and standards — an organization should consider how it can best develop an integrated company-wide compliance strategy.

A comprehensive compliance risk management strategy enables an organization to understand and effectively address potential threats to its ability to conduct its business.

Additional resources you might like:

Compliance for Startups: Join Vanta's Office Hours

Do you have questions about SOC 2, ISO 27001, HIPAA, or other security and privacy frameworks? Wondering if, when, and how to achieve compliance (as painlessly as possible)? Join the next office hours with Vanta team leaders to learn about compliance for growing startups

Auditor Edition

Are you preparing for upcoming compliance audits? Curious about the best practices to ensure a smooth audit process? Join the webinar...

ISO 27001
ISO 27001 Compliance for SaaS

On 10 October at 2 PM BST, join the Ask Me (Almost) Anything with Herman Errico and Kim Elias, compliance experts at Vanta. They’ll answer (almost) all your questions about ISO 27001 compliance.

Get compliant and
build trust, fast.