ITASC glossary

Terms that you need to know about Security, Compliance & Audit




Cyber Security


Audit Readiness
The state of preparedness of an organization to undergo an audit, whether it is an internal audit, external audit, or regulatory compliance audit. It involves ensuring that all necessary documentation, processes, controls, and evidence are in place to support the audit objectives and requirements.

ITGC Frameworks
Information Technology General Controls(ITGC) frameworks are sets of best practices and guidelines that help organizations establish and maintain effective controls over their information technology (IT) systems and processes. These frameworks provide organizations with guidance on implementing and maintaining effective controls over their IT systems and processes.

HITECH Assessment
The HITECH Act (Health Information Technology for Economic and Clinical Health Act) is a U.S. federal law that was enacted in 2009 as part of the American Recovery and Reinvestment Act. HITECH assessment refers to the evaluation of an organization’s compliance with the privacy and security requirements outlined in the HITECH Act. The assessment typically involves reviewing the organization’s policies, procedures, technical safeguards, administrative safeguards and others to ensure they align with the requirements set forth by the law.

Hi-Trust (Health Information Trust)
It is a widely recognized framework for managing and protecting sensitive healthcare information. It provides a comprehensive set of controls, policies, and procedures designed to address the unique security and privacy requirements for healthcare organizations.


It stands for Payment Card Industry Data Security Standard. It is a set of security standards established by the Payment Card Industry Security Standards Council (PCI SSC) to ensure the protection of cardholder data and secure payment card transactions. PCI DSS applies to organizations that handle, process, or store payment card information, including merchants, financial institutions, service providers, and any other entity involved in payment card transactions.