- AICPA
- Attestation of Compliance (AOC)
- California Consumer Privacy Act
- Compliance as a Service
- Compliance Automation Software
- Compliance Risk Management
- Comprehensive Assessment
- Controls
- Cybersecurity
- GRC
- Information Security Management System (ISMS)
- ISMS Governing Body
- ISO 27001
- ISO 27001 Annex A Controls
- ISO 27001 Security Standard
- Pen Testing
- Policies
- Risk Assessment
- Security Questionnaire
- SOC 1
- SOC 2
- SOC 2 Auditor
- SOC 2+
- SOC 3
- SOC Reports
- SOC Trust Services Criteria (TSC)
- SSAE 16
- SSAE 18
- Statement of Applicability (SoA)
- Vendor Assessment
- Vendor Management Policy
- Vulnerability Management
Pen testing, short for “penetration testing,” uses simulated, authorized cybersecurity attacks to determine how susceptible an organization’s information systems are to unauthorized access. Pen testing is a valuable element of vulnerability management, often performed by outside specialists in the process.