Regulatory compliance needs Definitions

  • H

    HIPAA covered entity

    A HIPAA covered entity is any organization or corporation that directly handles Personal Health Information (PHI) or Personal Health Records (PHR).

  • I

    information assurance

    Information assurance (IA) is the practice of protecting against and managing risk related to the use, storage and transmission of data and information systems.

  • inherent risk

    Inherent risk is a category of threat that describes potential losses or pitfalls that exist before internal security controls or mitigating factors are implemented.

  • internal control

    An internal control is a business practice, policy or procedure that is established within an organization to create value or minimize risk.

  • International Accounting Standards Board

    The International Accounting Standards Board is the independent standard-setting body of the IFRS Foundation.

  • intrusion detection system (IDS)

    An intrusion detection system (IDS) is a device or software application that alerts an administrator of a security breach, policy violation or other compromise that may adversely affect the administrator's information technology (IT) network. 

  • ISO 27002 (International Organization for Standardization 27002)

    The ISO 27002 standard is a collection of information security guidelines that are intended to help an organization implement, maintain, and improve its information security management.

  • IT controls

    An IT control is a procedure or policy that provides a reasonable assurance that the information technology (IT) used by an organization operates as intended, that data is reliable and that the organization is in compliance with applicable laws and regulations.

  • N

    NERC CIP (critical infrastructure protection)

    The NERC CIP (critical infrastructure protection) plan is a set of requirements designed to secure assets vital to reliably operating North America's bulk electric system.

  • O

    Office of Management and Budget (OMB)

    The Office of Management and Budget (OMB) is the business division of the Executive Office of the President of the United States that administers the United States federal budget and oversees the performance of federal agencies.

  • OPSEC (operational security)

    OPSEC (operational security) is an analytical process that identifies assets such as sensitive corporate information or trade secrets, and determines the controls required to protect these assets.

  • P

    PCAOB (Public Company Accounting Oversight Board)

    The Public Company Accounting Oversight Board (PCAOB) is a Congressionally-established nonprofit that assesses audits of public companies in the United States to protect investors' interests.

  • PCI DSS compliance (Payment Card Industry Data Security Standard compliance)

    Payment Card Industry Data Security Standard (PCI DSS) compliance is adherence to the set of policies and procedures developed to protect credit, debit and cash card transactions and prevent the misuse of cardholders' personal information.

  • predictive coding

    Predictive coding software can be used to automate portions of an e-discovery document review. The goal of predictive coding is to reduce the number of irrelevant and non-responsive documents that need to be reviewed manually.

  • privacy compliance

    Privacy compliance is a company's adherence to established personal information protection guidelines, specifications or legislation.
