ITASC glossary
Terms that you need to know about Security, Compliance & Audit
COMPLIANCE
CCPA Assessment
The process of evaluating an organization’s compliance with the California Consumer Privacy Act (CCPA). The CCPA is a data protection and privacy law that grants California residents certain rights regarding the collection, use, and disclosure of their personal information.
HIPAA Certification
HIPAA is the Health Information Portability and Accountability Act of 1996, which sets requirements for covered entities, such as healthcare providers, health plans, and healthcare clearinghouses, as well as their business associates, regarding the privacy, security, and confidentiality of protected health information (PHI). Compliance with HIPAA regulations is a legal obligation for these entities.
ISO Assessment
ISO assessment refers to the process of evaluating an organization’s adherence to the standards set forth by the International Organization for Standardization (ISO).
ISO Certification
ISO certification is the formal recognition by an independent body, generally known as an accreditation body, that a certification body operates according to ISO standards. It is the process by which an organization receives formal recognition that its management systems comply with the requirements of a specific ISO standard.
SOC2 Readiness Checklist
To achieve ISO Certification, or when planning your next internal ISO audit to ensure that you remain compliant, you need to keep monitoring your procedures, guided by the free checklist provided by ITASC.
PCI Attestation
The process of obtaining a formal attestation or validation that an organization has met the requirements of the Payment Card Industry Data Security Standard (PCI DSS).
PCI AOC Report (aka PCI DSS AOC)
A formal document that attests to an organization’s compliance with the Payment Card Industry Data Security Standard (PCI DSS).
GDPR Requirements
The requirements set out by the General Data Protection Regulation (GDPR), a comprehensive data protection and privacy regulation, for the processing of personal data of individuals from the European Union (EU).