Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Blogs
Events
Glossary
Guides

Follow us

SOC 2

SOC 2 is the most sought after security framework for scaling SaaS companies. Keep up-to-date with the latest SOC 2 terms.

SOC 2 Type I report
SOC 2 compliance
SOC Trust Services Criteria
SOC reports
SOC 2 Type II report
Learn more

ISO 27001

ISO 27001 is considered the international gold standard for information security management. Want to learn more? Get familiar with ISO 27001 terms.

ISO 27001
Information Security Management System (ISMS)
ISO 27001 Risk Assessment
ISMS Governing Body
ISO 27001 security standard
Learn more

HIPAA

HIPAA compliance keeps companies that access, process, or store protected health information in check. Find out commonly used HIPAA terminology.

HIPAA
HIPAA Compliance
HIPAA breach
HIPAA Covered Entities
HIPAA Rules
Learn more

PCI

PCI DSS applies to businesses that accept, process, store, transmit, or impact the security of cardholder data. Keep updated on PCI DSS terms.

Payment Card Industry Data Security Standard (PCI DSS)
Merchant
Qualified Security Assessor (QSA)
Report on Compliance (ROC)
Self-Assessment Questionnaire (SAQ)
Learn more

General

Learn all about security and compliance frameworks terminology.

General Data Protection Regulation (GDPR)
NIST Cybersecurity Framework (CSF)
Cybersecurity
Compliance risk management
California Consumer Privacy Act (CCPA)
Learn more
Showing search results for:
Text

Health Information Technology for Economic and Clinical Health Act (HITECH)

Learn what HITECH is and how it impacts healthcare protections.

HIPAA Rules: Enforcement Rule

Trying to find the answer to What is the HIPAA Enforcement Rule?‍ Vanta's got you covered. Click here to learn more about the HIPAA enforcement rule here.

HIPAA Rules: Security Rule

The HIPAA Security Rule operationalizes the protections of the HIPAA Privacy Rule.

HIPAA Rules: Privacy Rule

Trying to find the answer to What is the HIPAA Privacy Rule?‍ Vanta's got you covered. Click here to learn more about the HIPAA Privacy Rule.

SOC 2 Type II report

Trying to find the answer to 'What is a SOC 2 Type II report?‍' Vanta's got you covered. Click here to learn more about SOC 2 Type II report.

SOC 2 Type I report

A SOC 2 Type I report attests to a company’s security rules at a specific point in time.

Statement of Applicability

The Statement of Applicability is a component of an organizations's Information Security Management System (ISMS) and a document in achieving ISO 27001 certification.

ISO 27001 Stage 2 Audit

Learn what an ISO 27001 Stage 2 Audit is and how it might be critical to your organization.

ISO 27001 Stage 1 Audit

The ISO 27001 Stage 1 Audit is the first part of a two-stage external process for getting ISO certified.

ISO 27001 Risk Treatment Plan

ISO 27001 risk treatment plan identifies a company's risks and assesses a process for how to respond.

No results found 🤷

Get compliant and
build trust, fast.

Request a demo
Two wind turbines on a white background.
Get compliant and build trust,
fast.
Get started