Risk management
It refers to the processes with the help of which the management / the organization can identify, analyze, and where ever necessary, respond appropriately to the anticipated risks, which may adversely affect and obstruct the path of realization of the organization's business objectives. The response to risks typically depends on their perceived gravity/ intensity of the problem, and involves controlling it, avoiding it, accepting it and moving accordingly or transferring it to a third party for it to be handled appropriately.
Most of the organizations and / or business groups routinely manage a variety of risks - be it technological risks, commercial/financial risks, information security risks, privacy risks, R&D risks or be it external legal and regulatory compliance risks. All of these if taken care and handled on time appropriately can help boost a company growth graph drastically and if not, then can lead to a rapid downfall too.
Compliance
It caters to adhering to the stated requirements, which at the organizational level, is often achieved through management processes identifying the applicable requirements - laws, regulations, contracts, strategies and policies, assessing the state of compliance, anticipating/determining the risks and loop holes and evaluating the potential costs, thence prioritizing, funding and initiating any corrective actions deemed necessary.