Get started

Industry specific requirements for compliance

• regulatory compliance

  Regulatory compliance is an organization's adherence to laws, regulations, guidelines and specifications relevant to its business processes. Continue Reading

• privacy compliance

  Privacy compliance is a company's accordance with established personal information protection guidelines, specifications or legislation. Continue Reading

• Whistleblower Protection Act

  The Whistleblower Protection Act of 1989 is a law that protects federal government employees in the United States from retaliatory action for voluntarily disclosing information about dishonest or illegal activities occurring in a government ... Continue Reading

• Gearing up to meet GDPR compliance requirements

  In this webcast, attorney Nicholas Merker discusses the necessary steps companies should be taking to meet the EU's looming GDPR compliance requirements. Continue Reading

• PCI DSS compliance (Payment Card Industry Data Security Standard compliance)

  Payment Card Industry Data Security Standard (PCI DSS) compliance is adherence to the set of policies and procedures developed to protect credit, debit and cash card transactions and prevent the misuse of cardholders' personal information. Continue Reading

• Definitions to Get Started

  • regulatory compliance
  • privacy compliance
  • Whistleblower Protection Act
  • PCI DSS compliance (Payment Card Industry Data Security Standard compliance)

  • PCAOB (Public Company Accounting Oversight Board)
  • FTC (Federal Trade Commission)
  • Securities and Exchange Act of 1934 (Exchange Act)
  • Regulation Fair Disclosure (Regulation FD or Reg FD)

  View All Definitions

• PCAOB (Public Company Accounting Oversight Board)

  The Public Company Accounting Oversight Board (PCAOB) is a Congressionally-established nonprofit that assesses audits of public companies in the United States to protect investors' interests.Continue Reading

• Information security regulations may target IoT, drones

  Calls are growing louder for information security regulations to target consumer-centric technology such as the IoT and drones, but legislating their use could prove difficult.Continue Reading

• FTC (Federal Trade Commission)

  The FTC (Federal Trade Commission) is a United States federal regulatory agency designed to monitor and prevent anticompetitive, deceptive or unfair business practices.Continue Reading

• Securities and Exchange Act of 1934 (Exchange Act)

  The Securities and Exchange Act of 1934 (Exchange Act) is a law that governs secondary trading and stock exchanges.Continue Reading

• Regulation Fair Disclosure (Regulation FD or Reg FD)

  Regulation Fair Disclosure is a rule passed by the U.S. Securities and Exchange Commission that aims to prevent selective disclosure of information by requiring publicly traded companies to make public disclosure of material, nonpublic information.Continue Reading

• SEC's Regulation SCI: A visual timeline

  The SEC adopted Regulation SCI to bolster the technological infrastructure of the U.S. securities market. Take a look at the milestones in the history of Reg SCI, including when it was first proposed, the tech failures that inspired it and more.Continue Reading

• Regulation SCI (Regulation Systems Compliance and Integrity)

  Regulation SCI is a set of compliance rules designed by the SEC to monitor and regulate the technology infrastructure of U.S. securities markets.Continue Reading

• What changes are businesses experiencing under PCI DSS version 3.0?

  New compliance requirements under PCI DSS version 3.0 strive to make cardholder data security part of companies' everyday business processes.Continue Reading

• International Accounting Standards Board

  The International Accounting Standards Board is the independent standard-setting body of the IFRS Foundation.Continue Reading

• Government Accountability Office (GAO)

  The U.S. Government Accountability Office (GAO) is an independent, nonpartisan agency that works for Congress to investigate how the federal government spends taxpayer dollars.Continue Reading

• FASAB (Federal Accounting Standards Advisory Board)

  The Federal Accounting Standards Advisory Board (FASAB) is an advisory committee that develops accounting standards for U.S. government agencies.Continue Reading

• Senate Judiciary Committee (SJC)

  The U.S. Senate Judiciary Committee is in charge of conducting hearings prior to Senate votes on confirmation of federal judges and has broad jurisdiction over federal criminal law.Continue Reading

• electronically stored information (ESI)

  Electronically stored information (ESI) is data created, altered, communicated and stored in digital form.Continue Reading

• Basel Committee on Banking Supervision (BCBS)

  The Basel Committee on Banking Supervision (BCBS) is a group of international banking authorities who work to strengthen the regulation, supervision and practices of banks and improve financial stability worldwide.Continue Reading

• How does shadow IT complicate regulatory compliance?

  As shadow IT spreads, so, too, do the associated data privacy and security risks. In this FAQ, learn more about shadow IT and its compliance pitfalls.Continue Reading

• AICPA (American Institute of Certified Public Accountants)

  The AICPA (American Institute of Certified Public Accountants) is a member association for the accounting profession that sets ethical standards for accountants, as well as U.S. auditor standards for private companies, nonprofit organizations and ...Continue Reading

• geolocation data

  Geolocation data is information associated with an electronic device that can be used to identify its physical location. The most common example of geolocation data is an IP address.Continue Reading

• Video Privacy Protection Act of 1988

  The Video Privacy Protection Act of 1988 is United States legislation that prevents wrongful disclosure of an individual's personally identifiable information stemming from their rental or purchase of audiovisual material, including videotapes, DVDs...Continue Reading

• whistleblower

  A whistleblower is a person who voluntarily provides information to the general public, or someone in a position of authority, about dishonest or illegal business activities occurring at an organization.Continue Reading

• NERC CIP (critical infrastructure protection)

  The NERC CIP (critical infrastructure protection) plan is a set of requirements designed to secure assets vital to reliably operating North America's bulk electric system.Continue Reading

• Volcker rule

  The Volcker rule is a section of the Dodd–Frank Act that restricts U.S. banks from making speculative, high-risk investments that do not benefit customers.Continue Reading

• corporate social responsibility (CSR)

  Corporate social responsibility is an umbrella term used to describe voluntary corporate initiatives concerned with community development, the environment and human rights. Continue Reading

• FAQ: What is the Basel III accord, and what does it require?

  Basel III is a set of standards developed to ensure that internationally active banks maintain adequate capital during periods of economic strain. How does Basel III affect you?Continue Reading

• FAQ: GARP and how it helps you achieve better information governance

  Many organizations do not have an information governance structure that works with defined record-keeping principles that ensures accountability. GARP may be your answer.Continue Reading

• COPPA (Children's Online Privacy Protection Act )

  The Children's Online Privacy Protection Act (COPPA) is a law passed by the U.S. Congress in 1998 to specifically protect the privacy of children under the age of 13 by requesting parental consent for the collection or use of any personal ...Continue Reading

• FAQ: What impact do mobile computing devices have on IT compliance?

  More mobile devices means more security threats. Here are things to consider in adjusting your IT compliance strategy to meet challenges brought by iPhones and the like.Continue Reading

• What is NERC CIP, and IT's role in critical infrastructure protection?

  Under the NERC CIP, power generators and suppliers must prove NERC compliance on critical infrastructure protection provisions by the end of the second quarter. Will you be ready?Continue Reading

• Enterprise document management FAQ: IT operations and compliance

  Find answers and resources to frequently asked questions about the relationship of enterprise document management to IT operations and compliance.Continue Reading

• HITECH FAQ: What is the impact of the HITECH Act on IT operations?

  This resource provides answers and resources to frequently asked questions regarding the Health Information Technology for Economic and Clinical Health (HITECH) Act.Continue Reading

• XBRL (Extensible Business Reporting Language)

  XBRL (Extensible Business Reporting Language) is an XML-based computer language for the electronic transmission of business and financial data. The goal of XBRL is to standardize the automation of business intelligence (BI).Continue Reading

• Can Spam Act of 2003

  The Can Spam Act of 2003 is a commonly used name for the United States Federal law more formally known as S. 877 or the "Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003." The law took effect on January 1, 2004. The Can...Continue Reading