
Shift-left compliance

Shifting compliance left means moving the compliance check earlier in the development lifecycle, to the moment a change is made, instead of discovering issues later in an audit. The term borrows from shift-left security and testing: the earlier a problem is found, the cheaper it is to fix.

In code

For compliance, the earliest practical checkpoint is the pull request, the one place already in the workflow where a change is reviewed before it ships. A control-relevant change caught in the diff is a one-line fix; the same issue caught in the audit is a remediation with a paper trail.
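A pull-request check of this kind can be as small as a script that reads the unified diff and reports changed lines that touch a control. The following is an added example, not heygrc's code; the rule set, control labels, file names and sample diff are assumptions constructed for illustration.

```python
import re

# Hypothetical rules (sign, label, pattern): '+' matches added lines, '-' removed lines.
RULES = [
    ("+", "encryption-at-rest", re.compile(r"\bencrypted\s*=\s*false\b")),
    ("-", "log-integrity", re.compile(r"\benable_log_file_validation\s*=\s*true\b")),
]
HUNK = re.compile(r"^@@ -\d+(?:,(\d+))? \+(\d+)(?:,(\d+))? @@")

def findings(diff_text):
    """Return (path, new-file line, control, text) for each control-relevant change."""
    out, path, new_no, old_left, new_left = [], None, 0, 0, 0
    for line in diff_text.splitlines():
        if old_left <= 0 and new_left <= 0:  # between hunks: only headers matter
            if line.startswith("+++ "):
                path = line[4:].split("\t")[0].removeprefix("b/")
            m = HUNK.match(line)
            if m:
                old_left, new_no, new_left = int(m[1] or 1), int(m[2]), int(m[3] or 1)
            continue
        sign, text = line[:1], line[1:]
        for rule_sign, control, pattern in RULES:
            if rule_sign == sign and pattern.search(text):
                out.append((path, new_no, control, text.strip()))
        if sign in "+ ":  # added or context line; "\ No newline" markers match neither test
            new_no, new_left = new_no + 1, new_left - 1
        if sign in "- ":  # removed or context line
            old_left -= 1
    return out

# Constructed sample diff (file names and contents are made up for this example).
SAMPLE_DIFF = """\
--- a/infra/storage.tf
+++ b/infra/storage.tf
@@ -10,3 +10,3 @@ resource "aws_ebs_volume" "data" {
   size      = 100
-  encrypted = true
+  encrypted = false
   type      = "gp3"
--- a/infra/trail.tf
+++ b/infra/trail.tf
@@ -3,3 +3,2 @@ resource "aws_cloudtrail" "main" {
   name = "main"
-  enable_log_file_validation = true
   s3_bucket_name = "logs"
"""

for finding in findings(SAMPLE_DIFF):
    print(*finding, sep=" | ")
```

Hunk line counts, not line prefixes, decide where a hunk ends, so a changed line that happens to begin with `+++` or `---` is still treated as content rather than a file header.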