Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.


SOC 2

SOC 2 is the most sought-after security framework for scaling SaaS companies. Keep up to date with the latest SOC 2 terms.

ISO 27001

ISO 27001 is considered the international gold standard for information security management. Want to learn more? Get familiar with ISO 27001 terms.

HIPAA

HIPAA compliance keeps companies that access, process, or store protected health information in check. Find out commonly used HIPAA terminology.

PCI

PCI DSS applies to businesses that accept, process, store, transmit, or impact the security of cardholder data. Keep updated on PCI DSS terms.


ISO 27001 Risk Assessment

An ISO 27001 Risk Assessment helps an organization identify weaknesses in its security processes and procedures.

ISO 27001 Nonconformities

Trying to find the answer to "What is an ISO 27001 nonconformity?" Vanta's got you covered. Click here to learn more about ISO 27001 nonconformities.

ISO 27001 Management Review

The ISO 27001 management review ensures that an organization’s Information Security Management System (ISMS) and its objectives remain appropriate and effective given the organization’s purpose, issues, and risks around its information assets.

ISO 27001 Key Performance Indicators (KPIs)

Trying to find the answer to "What are ISO 27001 key performance indicators (KPIs)?" Vanta's got you covered. Click here to learn more about ISO 27001 KPIs.

ISO 27001 Internal Audit

An ISO 27001 internal audit examines an organization’s Information Security Management System (ISMS) before undergoing an ISO audit with an external auditor.

ISMS Governing Body

An ISMS governing body is a team with management oversight, composed of key members of top management—typically defined as senior leadership and executive management responsible for strategic decisions and resource allocation—from within the organization.

Information Security Management System (ISMS)

An ISMS is a systematic approach to managing an organization’s information security.

Annex A Controls

Annex A of the ISO 27001 standard is a list of security controls that organizations can use to improve the security of their information assets.

Protected health information

Protected health information (PHI) is health data that is created, received, stored, or transmitted by HIPAA-covered entities. Find out more about PHI now!

HIPAA breach

A HIPAA breach is the acquisition, access, use, or disclosure of PHI in a manner not permitted by HIPAA regulations. Find out more about HIPAA breaches now.
