ABSTRACT
Every compliance mandate builds requirements on a foundation of risk management. By converging security and enterprise risk management (ERM), SMBs can create data protection programs that mitigate risk and help them meet critical compliance requirements. This chapter defines key terms and provides case studies that help leaders understand how to create risk-based, security-first compliance programs.
