C - Definitions

  • C

    Can Spam Act of 2003

    The Can Spam Act of 2003 is a commonly used name for the United States Federal law more formally known as S. 877 or the "Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003." The law took effect on January 1, 2004. The Can Spam Act allows courts to set damages of up to $2 million when spammers break the law.

  • Center for Internet Security (CIS)

    The Center for Internet Security (CIS) is a nonprofit organization focused on improving public- and private-sector cybersecurity readiness and response.

  • Certified Information Systems Risk and Compliance Professional (CISRCP)

    A Certified Information Systems Risk and Compliance Professional (CISRCP) is a person in the information technology (IT) field who has passed an examination on risk and compliance topics developed by the International Association of Risk and Compliance Professionals (IARCP).

  • chief risk officer (CRO)

    The chief risk officer (CRO) is the corporate executive tasked with assessing and mitigating significant competitive, regulatory and technological threats to an enterprise's capital and earnings.

  • cloud computing security

    Cloud computing security is the set of control-based technologies and policies designed to adhere to regulatory compliance rules and protect information, data applications and infrastructure associated with cloud computing use.

  • COBIT 5

    COBIT 5 is the fifth iteration of a popular framework that's used for managing and governing information technology (IT).

  • Common Criteria Evaluation and Validation Scheme for IT Security (CCEVS)

    Common Criteria Evaluation and Validation Scheme for IT Security (CCEVS) is a program for evaluating IT products' conformance to international IT security standards.

  • compliance audit

    A compliance audit is a comprehensive review of an organization's adherence to regulatory guidelines.

  • compliance burden

    Compliance burden, also called regulatory burden, is the administrative cost of a regulation in terms of dollars, time and complexity.

  • compliance framework

    A compliance framework is a structured set of guidelines that details an organization's processes for maintaining accordance with established regulations, specifications or legislation.

  • compliance risk

    Compliance risk is the exposure to legal penalties, financial forfeiture and material loss that an organization faces when it fails to act in accordance with industry laws and regulations, internal policies or prescribed best practices.

  • compliance validation

    In compliance, validation is a formal procedure to determine how well an official or prescribed plan or course of action is being carried out.

  • Computer Fraud and Abuse Act (CFAA)

    The Computer Fraud and Abuse Act (CFAA) of 1986 is United States legislation that made it a federal crime to access a protected computer without proper authorization.

  • COMSEC (communications security)

    Communications security (COMSEC) is the prevention of unauthorized access to telecommunications traffic, or to any information that is transmitted or transferred.

  • conduct risk

    Conduct risk is the prospect of financial loss to an organization that is caused by the actions of an organization's administrators and employees.
