Definitions for governance, assurance, audit and management of performance, risk and compliance.
BCP/DR
Business Continuity Planning/Disaster Recovery Program. A BCP/DR program is a documented plan for keeping critical business functions running, and for restoring the systems and resources they depend on, when a disruption or disaster occurs.
BIA
A Business Impact Analysis (BIA) predicts the consequences of disrupting a business function or process (for example, lost revenue, regulatory exposure, or the maximum tolerable outage) and gathers the information needed to develop recovery strategies and priorities.
COBIT 5
The Control Objectives for Information and Related Technology (COBIT) 5 framework, published by ISACA, provides organizations with guidance and tools for governing and managing enterprise IT.
COSO
The Committee of Sponsoring Organizations of the Treadway Commission (COSO) is a joint initiative of five private-sector accounting and auditing associations. It publishes guidance on fraud deterrence and enterprise risk management, and its Internal Control – Integrated Framework is the internal control framework most commonly used by organizations, particularly in financial reporting.
DOL
The Department of Labor (DOL) is the U.S. federal agency responsible for labor and employee benefit law. In a GRC context it is most often cited for its fiduciary rule, which redefined brokerage business processes and raised the standard of care for investment advice given on retirement accounts.
ERISA
The Employee Retirement Income Security Act of 1974 (ERISA) is a federal law, enforced largely by the Department of Labor (DOL), that applies to most private employers. It establishes minimum standards and protections for employee retirement, health and other benefit plans, such as life insurance and disability insurance.
ERM
Enterprise Risk Management (ERM) is a process for identifying and managing risk at the enterprise level rather than within individual departments. ERM differs from traditional, siloed risk management in that it tracks risk over time, uses heat maps and other reports to provide insight and transparency, and standardizes the risk assessment process so the entire organization uses one scale.
FERC
The Federal Energy Regulatory Commission (FERC) is a U.S. federal agency that regulates the interstate transmission of electricity, natural gas and oil. Its priorities include ensuring reliable and sustainable energy for consumers, promoting reasonable rates and terms, requiring safe and efficient infrastructure, and enforcing compliance by deterring market manipulation. FERC also approves and oversees the mandatory reliability standards for the bulk power system developed by NERC, including the Critical Infrastructure Protection (CIP) cyber security standards.
FFIEC
The Federal Financial Institutions Examination Council (FFIEC) is a formal U.S. government interagency body empowered to prescribe uniform principles, standards and report forms for the federal examination of financial institutions, and to make recommendations to promote uniformity in their supervision. Its IT Examination Handbook and Cybersecurity Assessment Tool are the references most often used when assessing a financial institution's information security program.
GRC
Governance, Risk Management, and Compliance. GRC is a high-level term for how an enterprise executes each of these three elements in an integrated way. The acronym was coined by OCEG as shorthand for the critical capabilities that must work together to achieve what OCEG calls Principled Performance.
HIPAA
The Health Insurance Portability and Accountability Act (HIPAA) is a U.S. federal law whose Privacy and Security Rules govern the protection of sensitive patient data. Covered entities (such as providers, health plans and clearinghouses) and their business associates that handle protected health information (PHI) must implement the administrative, physical and technical safeguards required by the Security Rule to remain in compliance.
ICFR
Internal Control Over Financial Reporting (ICFR) is the set of processes a company uses to provide reasonable assurance that its financial statements are reliable and prepared in accordance with applicable accounting principles, reducing the risk of material errors or misstatements. Public companies are required (under Section 404 of the Sarbanes-Oxley Act) to maintain ICFR and to assess and report on its effectiveness.
ISO
ISO is an independent, non-governmental international organization with a membership of 162 national standards bodies. Through its members, it brings together experts to share knowledge and develop voluntary, consensus-based, market-relevant International Standards that support innovation and provide solutions to global challenges. In information security the most commonly referenced ISO standard is ISO/IEC 27001, which specifies requirements for an information security management system.
KPIs
Key Performance Indicators are performance measurements that evaluate the success of an organization, or of a particular activity it engages in (such as a project, program, product or other initiative), against defined objectives.
KRIs
Key Risk Indicators are measures used in management to indicate how risky an activity is. Organizations use KRIs as metrics that provide an early signal of increasing risk exposure in various areas of the enterprise.
ORSA
Own Risk and Solvency Assessment (ORSA) is an internal process undertaken by an insurer or insurance group to assess the adequacy of its risk management and current and prospective solvency positions under normal and severe stress scenarios.
SEC
The U.S. Securities and Exchange Commission is an independent agency of the United States federal government that aims to protect investors; maintain fair, orderly, and efficient markets; and facilitate capital formation. The SEC strives to promote a market environment that is worthy of the public's trust.
SOX
The Sarbanes–Oxley Act of 2002, more commonly called Sarbanes–Oxley, Sarbox or SOX, is a United States federal law that set new or expanded requirements for all U.S. public company boards, management and public accounting firms. Its best-known provisions are Section 302 (executive certification of financial reports) and Section 404 (management assessment of internal control over financial reporting).
SaaS
Software as a Service (SaaS) is a software distribution model in which a third-party provider hosts applications and makes them available to customers over the Internet.
SLA
A Service-Level Agreement (SLA) is a formal commitment between a service provider and a client. It specifies the particular aspects of the service that both parties have agreed to, such as quality, availability, and the responsibilities of each side, and usually the remedies that apply when those commitments are not met.