Quiz: Test your regulatory compliance smarts

Are you up on regulatory compliance? Test your knowledge with these regulations and see if you can match up each regulation with the correct requirements. When you're done, jot down your answers on a piece of paper and then click over to the Regulatory Compliance and Critical System Protection chart to see how well you did.


Regulations:

1. HIPAA
2. FDA 21 CFR 11
3. SEC 17 CFR 240
4. Sarbanes-Oxley
5. Basel II
6. Gramm-
7. Clinger-Cohen Act

Requirements:

a. Outlines criteria for accepting electronic records and signatures and for documenting and validating authorized change processes to systems and software involved in the creation of electronic documents
b. Assures privacy of customer data for financial institutions
c. Requires that where patient data is recorded, stored or transmitted there must be a record of the change and patient's signature
d. Establishes controls and procedures for electronic securities transactions
e. Provides direction for managing capital risk, supervisory interaction, and publish risk disclosure for large banks
f. Provides guidelines for corporate governance and oversight of accounting and audit practices as well as financial record retention
g. Regulates firms providing IT products and services to the U.S. government

This was last updated in July 2008
