Your security and compliance glossary

All the terms you need to know when you’re trying to get compliance audit ready, fast.

Show filters
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Blogs
Events
Glossary
Guides and reports

Follow us

Linkedin iconFacebook icontwitter iconinstagram icon

SOC 2

SOC 2 is the most sought after security framework for scaling SaaS companies. Keep up-to-date with the latest SOC 2 terms.

SOC 2 Type I report
SOC 2 compliance
SOC Trust Services Criteria
SOC reports
SOC 2 Type II report
Learn more

ISO 27001

ISO 27001 is considered the international gold standard for information security management. Want to learn more? Get familiar with ISO 27001 terms.

ISO 27001
Information Security Management System (ISMS)
ISO 27001 Risk Assessment
ISMS Governing Body
ISO 27001 security standard
Learn more

HIPAA

HIPAA compliance keeps companies that access, process, or store protected health information in check. Find out commonly used HIPAA terminology.

HIPAA
HIPAA Compliance
HIPAA breach
HIPAA Covered Entities
HIPAA Rules
Learn more

PCI

PCI DSS applies to businesses that accept, process, store, transmit, or impact the security of cardholder data. Keep updated on PCI DSS terms.

Payment Card Industry Data Security Standard (PCI DSS)
Merchant
Qualified Security Assessor (QSA)
Report on Compliance (ROC)
Self-Assessment Questionnaire (SAQ)
Learn more

General

Learn all about security and compliance frameworks terminology.

General Data Protection Regulation (GDPR)
NIST Cybersecurity Framework (CSF)
Cybersecurity
Compliance risk management
California Consumer Privacy Act (CCPA)
Learn more
Showing search results for:
Text

NIST Cybersecurity Framework (CSF)

NIST CSF is a cybersecurity framework designed by US-based National Institute of Standards and Technology.

California Consumer Privacy Act (CCPA)

The California Consumer Privacy Act is a state statute passed in 2018 that gives California residents new data privacy rights and requires compliance from for-profit business entities.

General Data Protection Regulation (GDPR)

The GDPR governs the collection, processing, consent, and distribution of personal information to ensure that EU citizens have more control of personal data.

Service Provider

A service provider is involved in the processing, storage, and transmission of a credit card holder's data.

Cardholder Data (CHD)

Cardholder data is any information on a customer's payment card.

Qualified Security Assessor (QSA)

Qualified Security Assessor is an organization or individual that compliance auditing.

Cardholder Data Environment (CDE)

Cardholder Data Environment (CDE) includes all the people and technologies that can impact the security of cardholder data.

Attestation of Compliance (AOC)

Attestation of Compliance (AOC) is the documentation that validates the compliance status of an organization.

Report on Compliance (ROC)

Learn about a Report on Compliance (ROC) and how they are obtained.

Self-Assessment Questionnaire (SAQ)

A Self-Assessment Questionnaire is a way for merchants and service providers to validate PCI compliance.

No results found 🤷

Get compliant and build trust—fast

Request a demo
G2 BadgeG2 BadgeG2 Badge