Compliance as Code

Compliance

Adherence to laws, regulations, guidelines, and specifications relevant to an organisation's business.

Regulatory Technology

Technology solutions designed to help companies comply with regulations efficiently and cost-effectively.

Data Privacy

The proper handling of personal data including collection, storage, processing, and sharing in compliance with regulations.

Data Protection Officer

An individual responsible for overseeing an organisation's data protection strategy and regulatory compliance.

Control Framework

A structured set of controls and processes designed to manage risk and ensure compliance with regulations.

Sanctions Screening

The process of checking individuals and entities against government-issued lists of sanctioned parties.

Incident Reporting

The formal process of documenting and communicating security incidents, breaches, or compliance violations.

Regulatory Sandbox

A controlled environment where businesses can test innovative products and services under regulatory oversight.

EU AI Act

The European Union's comprehensive legislation establishing rules for the development and use of AI systems based on risk levels.

Continuous Compliance

An automated approach to maintaining regulatory compliance through real-time monitoring, policy enforcement, and evidence collection integrated into development and operations pipelines.

AI Audit

An independent assessment of an AI system's compliance with regulatory requirements, ethical standards, and organisational policies, examining data, models, outputs, and governance.

Control Objectives for Information and Related Technologies — a framework for IT governance and management.

General Data Protection Regulation — EU legislation governing the collection and processing of personal data of EU residents.

An organisation's ability to build, assure, and review its technological integrity to ensure it can withstand all types of ICT-related disruptions and threats.

The overarching strategy for managing an organisation's information assets, balancing the need for data availability with security, privacy, compliance, and lifecycle management.

The system of policies, rules, and processes by which activities are directed, controlled, and managed.

The governance framework for identifying, measuring, and mitigating risks arising from AI and analytical models.

A systematic evaluation of the potential effects and risks of an AI system before and during its deployment.

The systematic process of evaluating potential risks in an organisation's operations, projects, or investments.