SOC 2
SOC 2 is the most sought-after security framework for scaling SaaS companies. Keep up to date with the latest SOC 2 terms.
ISO 27001
ISO 27001 is considered the international gold standard for information security management. Want to learn more? Get familiar with ISO 27001 terms.
HIPAA
HIPAA compliance keeps companies that access, process, or store protected health information in check. Find out commonly used HIPAA terminology.
PCI
PCI DSS applies to businesses that accept, process, store, transmit, or impact the security of cardholder data. Keep updated on PCI DSS terms.
General
Learn all about security and compliance framework terminology.
ISO 27001 Risk Assessment
An ISO 27001 Risk Assessment helps an organization identify weaknesses in its security processes and procedures.
ISO 27001 Nonconformities
Trying to find the answer to "What is an ISO 27001 nonconformity?" Vanta's got you covered.
ISO 27001 Management Review
The ISO 27001 management review ensures that an organization’s Information Security Management System (ISMS) and its objectives remain appropriate and effective given the organization’s purpose, issues, and risks around its information assets.
ISO 27001 Key Performance Indicators (KPIs)
Trying to find the answer to "What are ISO 27001 key performance indicators (KPIs)?" Vanta's got you covered.
ISO 27001 Internal Audit
An ISO 27001 internal audit examines an organization’s Information Security Management System (ISMS) before undergoing an ISO audit with an external auditor.
ISMS Governing Body
An ISMS governing body is a team with management oversight, composed of key members of top management—typically defined as senior leadership and executive management responsible for strategic decisions and resource allocation—from within the organization.
Information Security Management System (ISMS)
An ISMS is a systematic approach to managing an organization’s information security.
Annex A Controls
Annex A of the ISO 27001 standard is a list of security controls that organizations can use to improve the security of their information assets.