Compliance Management Definitions

This glossary explains the meaning of key words and phrases that information technology (IT) and business professionals use when discussing compliance strategy and related software products. You can find additional definitions by visiting WhatIs.com.

  P

  • privacy plan

    A privacy plan is an organizational directive that outlines how the organization will protect the personal information of its customers and clients. A privacy plan tends to be an internal document, as opposed to a privacy policy, which is an outward-facing description of how an organization collects, processes and uses data.

  • pure risk (absolute risk)

    Pure risk, also called absolute risk, is a category of threat that is beyond human control and has only one possible outcome if it occurs: loss.

  R

  • records management

    Records management (RM) is the administration of records and documented information for the entirety of its lifecycle, which includes creation, maintenance, use, storage, retrieval and disposal.

  • records retention schedule

    A records retention schedule is a policy that depicts how long data items must be kept, as well as the disposal guidelines for these data items.

  • RegTech

    RegTech, or regulatory technology, is a term used to describe technology that is used to help streamline the process of regulatory compliance.

  • Regulation Fair Disclosure (Regulation FD or Reg FD)

    Regulation Fair Disclosure is a rule passed by the U.S. Securities and Exchange Commission that aims to prevent selective disclosure of information by requiring publicly traded companies to make public disclosure of material, nonpublic information.

  • Regulation SCI (Regulation Systems Compliance and Integrity)

    Regulation SCI is a set of compliance rules designed by the SEC to monitor and regulate the technology infrastructure of U.S. securities markets.

  • regulatory compliance

    Regulatory compliance is an organization's adherence to laws, regulations, guidelines and specifications relevant to its business processes.

  • residual risk

    Residual risk is a threat that remains after an organization has implemented security controls to comply with legal requirements.

  • risk appetite

    Risk appetite is a concept that helps guide organizational risk management activities by allowing officials to establish a baseline level of risk an organization is prepared to accept before taking an action, as well as evaluate the likelihood and impact of certain threats.

  • risk assessment

    Risk assessment is the identification of hazards that could negatively impact an organization's ability to conduct business.

  • risk avoidance

    Risk avoidance is the risk assessment technique that entails eliminating hazards, activities and exposures that place an organization's valuable assets at risk.

  • risk exposure

    Risk exposure is a quantified loss potential of business actions, and is usually calculated based on the probability of the incident occurring multiplied by its potential losses.

  • risk intelligence (RQ)

    Risk intelligence (RQ) is a term used to describe predictions made around uncertainties and future threat probabilities.

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.
