Definitions for governance, assurance, audit and management of performance, risk and compliance.
A Business Continuity Planning/Disaster Recovery (BCP/DR) Program is a business plan specifically designed to maintain the integrity of business functions and the reliability of resources in the event of a challenge or disaster.
Business Impact Analysis (BIA) predicts the consequences of disruption of a business function and process, and also gathers information needed to develop recovery strategies.
The Control Objectives for Information and Related Technology (COBIT) 5 framework provides organizations with guidance and tools for supporting their enterprise IT governance and management.
The Committee of Sponsoring Organizations of the Treadway Commission (COSO) provides fraud prevention and enterprise risk management guides as well as internal control frameworks to financial and accounting organizations.
The Department of Labor (DOL) fiduciary rule redefines brokerage business processes and elevates investment advice standards for retirement accounts.
Under the Department of Labor (DOL), the Employee Retirement Income Security Act of 1974 (ERISA) is a federal law that applies to most private employers. It establishes minimum standards and protections for employee retirement, health and other benefit plans such as life insurance and disability insurance.
Enterprise Risk Management is a process that uncovers risk on an enterprise-wide level. ERM approaches differ from traditional GRC approaches in that they track progress over time, use heat maps and other reports to provide insight and transparency, and standardize the risk assessment process so the entire organization is using one scale.
The Federal Energy Regulatory Commission (FERC) is a U.S. federal agency that regulates and monitors gas, oil and electric utilities. Its top priorities include ensuring reliable and sustainable energy for consumers, promoting reasonable rates and conditions, requiring safe and efficient infrastructure, and enforcing compliance by deterring market manipulation.
The Federal Financial Institutions Examination Council (FFIEC) is a formal U.S. government interagency body empowered to prescribe uniform principles, standards, and report forms for the federal examination of financial institutions and to make recommendations to promote uniformity in the supervision of financial institutions.
Governance, Risk Management, and Compliance. GRC is a high-level term that addresses an enterprise’s method of execution for each of its three elements. The acronym GRC was invented as a shorthand reference to the critical capabilities that must work together to achieve Principled Performance.
The Health Insurance Portability and Accountability Act (HIPAA) ensures the protection of sensitive patient data. Companies that work with protected health information (PHI) must follow specific security measures to remain in compliance with HIPAA.
Internal Controls Over Financial Reporting (ICFR) defines the requirements for public companies to maintain and assess the effectiveness of their financial reporting and the preparation of financial statements by reducing the risk of material errors or misstatements.
ISO is an independent, non-governmental international organization with a membership of 162 national standards bodies. Through its members, it brings together experts to share knowledge and develop voluntary, consensus-based, market-relevant International Standards that support innovation and provide solutions to global challenges.
A Key Performance Indicator (KPI) is a type of performance measurement that evaluates the success of an organization or of a particular activity (such as projects, programs, products and other initiatives) in which it engages.
A Key Risk Indicator (KRI) is a measure used in management to indicate how risky an activity is. Key risk indicators are metrics used by organizations to provide an early signal of increasing risk exposure in various areas of the enterprise.
Own Risk and Solvency Assessment (ORSA) is an internal process undertaken by an insurer or insurance group to assess the adequacy of its risk management and current and prospective solvency positions under normal and severe stress scenarios.
The U.S. Securities and Exchange Commission (SEC) is an independent agency of the United States federal government that aims to protect investors; maintain fair, orderly, and efficient markets; and facilitate capital formation. The SEC strives to promote a market environment that is worthy of the public's trust.
The Sarbanes–Oxley Act of 2002, more commonly called Sarbanes–Oxley, Sarbox or SOX, is a United States federal law that set new or expanded requirements for all U.S. public company boards, management and public accounting firms.
Software as a Service (SaaS) is a software distribution model in which a third-party provider hosts applications and makes them available to customers over the Internet.
A Service-Level Agreement (SLA) is a formal commitment between a service provider and a client. Particular aspects of the service, such as quality, availability and responsibilities, are agreed between the service provider and the service user.