GDPR
The General Data Protection Regulation — an EU regulation on data protection and privacy for individuals within the European Union.
Related GRC terms
Risk Assessment
The process of identifying, analyzing, and evaluating potential risks to an organization's information assets.
Vulnerability Assessment
A systematic process to identify, quantify, and prioritize security vulnerabilities in systems and applications.
Penetration Testing
An authorized simulated cyberattack on a computer system to evaluate its security posture.
Compliance
The act of conforming to established guidelines, specifications, or legislation related to information security.
NIST Framework
A set of guidelines and best practices published by the National Institute of Standards and Technology to manage cybersecurity risk.
ISO 27001
An international standard for information security management systems (ISMS) that specifies requirements for managing information security.