Compliance, risk and governance
This glossary contains definitions related to compliance. Some definitions explain the meaning of words used in compliance regulations. Other definitions are related to the strategies that compliance officers use to mitigate risk and create a manageable compliance infrastructure.

- think tank - A think tank is an organization that gathers a group of interdisciplinary scholars to perform research around particular policies, issues or ideas.
- three lines model - The three lines model is a risk management approach to help organizations identify and manage risks effectively by creating three distinct lines of defense.
- tokenization - Tokenization is the process of replacing sensitive data with unique identification symbols that retain all the essential information about the data without compromising its security.
- Top searches of 2008 - What were people searching the WhatIs.
- total risk - Total risk is an assessment that identifies all the risk factors associated with pursuing a specific course of action.
- transparency - Transparency is the quality of being easily seen through, while transparency in a business or governance context refers to being open and honest.
- triple bottom line (TBL) - The triple bottom line (TBL) is a sustainability-based accounting framework that includes social, environmental and financial factors as bottom-line categories.
- unknown unknown - An unknown unknown is unidentified information.
- VUCA (volatility, uncertainty, complexity and ambiguity) - VUCA is an acronym that stands for volatility, uncertainty, complexity and ambiguity -- qualities that make a situation or condition difficult to analyze, respond to or plan for.
- What is a private cloud? - Private cloud is a type of cloud computing that delivers similar advantages to public cloud, including scalability and self-service, but through a proprietary architecture.
- What is BCDR? Business continuity and disaster recovery guide - Business continuity (BC) and disaster recovery (DR) are closely related practices that support an organization's ability to remain operational after an adverse event.
- What is data privacy? - Data privacy, also called information privacy, is an aspect of data protection that addresses the proper storage, access, retention, immutability and security of sensitive data.
- What is enterprise content management? Guide to ECM - Enterprise content management (ECM) is a set of defined processes, strategies and tools that allows a business to effectively obtain, organize, store and deliver critical information to its employees, business stakeholders and customers.
- What is relationship marketing? - Relationship marketing is a facet of customer relationship management (CRM) that focuses on customer loyalty and long-term customer engagement rather than shorter-term goals like customer acquisition and individual sales.
- What is risk management and why is it important? - Risk management is the process of identifying, assessing and controlling threats to an organization's capital, earnings and operations.
- What is risk mitigation? - Risk mitigation is a strategy to prepare for and lessen the effects of threats faced by a business.
- What is the Cybersecurity Information Sharing Act (CISA)? - The Cybersecurity Information Sharing Act (CISA) allows United States government agencies and non-government entities to share information with each other as they investigate cyberattacks.
- What is the Driver's Privacy Protection Act (DPPA)? - The Driver's Privacy Protection Act (DPPA) is a United States federal law designed to protect the personally identifiable information of licensed drivers from improper use or disclosure.
- Whistleblower Protection Act - The Whistleblower Protection Act of 1989 is a law that protects federal government employees in the United States from retaliatory action for voluntarily disclosing information about dishonest or illegal activities occurring in a government organization.