
Compliance, risk and governance

This glossary contains definitions related to compliance. Some definitions explain the meaning of words used in compliance regulations. Other definitions are related to the strategies that compliance officers use to mitigate risk and create a manageable compliance infrastructure.

THI - XCC

  • think tank - A think tank is an organization that gathers a group of interdisciplinary scholars to perform research around particular policies, issues or ideas.
  • times interest earned (TIE) - Times interest earned (TIE) is a metric used to measure a company’s manageable debt limits; by its ability to pay the monthly interest on it’s debts.
  • tokenization - Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security.
  • total risk - Total risk is an assessment that identifies all of the risk factors, including potential internal and external threats and liabilities, associated with pursuing a specific plan or project or buying or selling an investment.
  • transparency - Transparency, in the context of governance, means being open and honest in all official activities.
  • triple bottom line (TBL) - The triple bottom line (TBL) is an accounting framework that includes social, environmental and financial results as bottom lines.
  • Trusted Internet Connections (TIC) - Trusted Internet Connections (TIC) is a mandate from the Office of Management and Budget (OMB) to reduce the number of Internet gateways on the federal government network and ensure that all external connections are routed through a government agency that has been designated as an approved TIC Access Provider.
  • United States Department of Labor - The United States Department of Labor (U.
  • United States Department of Transportation - The United States Department of Transportation (USDOT or DOT) is a cabinet agency of the U.
  • unknown unknown - An unknown unknown is unidentified information.
  • USA Patriot Act - The USA Patriot Act is a law enacted in 2001, granting new and extended data-collection abilities to federal agencies in an effort to combat terrorism after the September 11 attacks.
  • VAL IT (value from IT investments) - VAL IT (value from IT investments) is a framework that outlines governance best practices for information technology-enabled business investments.
  • Video Privacy Protection Act of 1988 - The Video Privacy Protection Act of 1988 is United States legislation that prevents wrongful disclosure of an individual's personally identifiable information stemming from their rental or purchase of audiovisual material, including videotapes, DVDs and video games.
  • Volcker rule - The Volcker rule is a section of the Dodd–Frank Act that restricts U.
  • VUCA (volatility, uncertainty, complexity and ambiguity) - VUCA is an acronym that stands for volatility, uncertainty, complexity and ambiguity, a combination of qualities that, taken together, characterize the nature of some difficult conditions and situations.
  • What is a private cloud? - Private cloud is a type of cloud computing that delivers similar advantages to public cloud, including scalability and self-service, but through a proprietary architecture.
  • What is BCDR? Business continuity and disaster recovery guide - Business continuity (BC) and disaster recovery (DR) are closely related practices that support an organization's ability to remain operational after an adverse event.
  • What is cybersecurity? - Cybersecurity is the protection of internet-connected systems such as hardware, software and data from cyberthreats.
  • What is enterprise content management? Guide to ECM - Enterprise content management (ECM) is a set of defined processes, strategies and tools that allows a business to effectively obtain, organize, store and deliver critical information to its employees, business stakeholders and customers.
  • What is risk management and why is it important? - Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.
  • What is risk mitigation? - Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.
  • whistleblower - A whistleblower is a person who voluntarily provides information to the general public, or someone in a position of authority, about dishonest or illegal business activities occurring at an organization.
  • Windows Genuine Advantage (WGA) - Windows Genuine Advantage (WGA) is a program that investigates Windows-based computers to be sure that their copy of the Windows operating system (OS) is legitimate.
  • XCCDF (Extensible Configuration Checklist Description Format) - XCCDF (Extensible Configuration Checklist Description Format) is a specification language for writing security checklists, benchmarks and related types of documents.