Regulatory Compliance refers to the degree to which an organization subject to particular security rules and policies is meeting the requirements outlined in them.
When information systems meet the outlined requirements, they are said to be "compliant." When they don't, they are "not in compliance." Compliance is generally assessed through a formal evaluation and auditing procedure of some kind.
Regulatory compliance may also be used to refer to the process of implementing systems and processes to achieve compliance with the regulations to which an organization is subject.
