ITASC glossary

Terms that you need to know about Security, Compliance & Audit

COMPLIANCE

CCPA Assessment
The process of evaluating an organization’s compliance with the California Consumer Privacy Act (CCPA). The CCPA is a data protection and privacy law that grants California residents certain rights regarding the collection, use, and disclosure of their personal information by businesses operating in California.

HIPAA Certification
HIPAA sets requirements for covered entities, such as healthcare providers, health plans, and healthcare clearinghouses, as well as their business associates, regarding the privacy, security, and confidentiality of protected health information (PHI). Compliance with HIPAA regulations is a legal obligation for these entities.

ISO Assessment
ISO assessment refers to the process of evaluating an organization’s adherence to the standards set forth by the International Organization for Standardization (ISO).

ISO Certification
ISO certification, also known as ISO registration, is the process by which an organization receives formal recognition that its management systems comply with the requirements of a specific ISO standard.

SOC2 Readiness Checklist
Whether you are working toward ISO certification or planning your next internal ISO audit to ensure that you remain compliant, you need to keep monitoring your procedures, guided by the free checklist provided by ITASC.

PCI Attestation
The process of obtaining a formal attestation or validation that an organization has met the requirements of the Payment Card Industry Data Security Standard (PCI DSS).

PCI AOC Report (aka PCI DSS AOC)
A formal document that attests to an organization’s compliance with the Payment Card Industry Data Security Standard (PCI DSS).

GDPR Requirements
The General Data Protection Regulation (GDPR) is a comprehensive data protection and privacy regulation that sets out requirements for the processing of personal data of individuals within the European Union (EU).