Difference between IT security and IT compliance: https://www.bmc.com/blogs/it-security-vs-it-compliance-whats-the-difference/#
Some IT compliance frameworks:
HIPAA: a U.S. law that defines how the healthcare industry protects and shares personal health information.
SOX: a financial regulation in the U.S. that applies to a broad spectrum of industries.
PCI-DSS: a group of security regulations that protect consumer privacy when personal credit card information is transmitted, stored, and processed by businesses.
ISO-27001: unlike the others above, not a law but an InfoSec standard that companies can opt into by aligning with it.
SOC 2: an auditing procedure that ensures your service providers securely manage your data to protect the interests of your organization and the privacy of its clients. For security-conscious businesses, SOC 2 compliance is a minimal requirement when considering a SaaS provider.