GRC Definitions

  • B

    black swan event

    A black swan event is an incident that occurs randomly and unexpectedly, and has a major effect on operations.

  • business continuity management (BCM)

    Business continuity management (BCM) is a framework for identifying an organization's risk of exposure to internal and external threats.

  • C

    chief procurement officer (CPO)

    A chief procurement officer (CPO) is an executive title commonly given to the person responsible for the strategic acquisition of goods and services at an organization. In addition to establishing the policies and processes to guide acquisitions, duties of a CPO include reducing costs and ensuring excellent supplier performance.

  • F

    field-level encryption

    Field-level encryption is the ability to encrypt data based on entire fields.

  • G

    GRC (governance, risk management and compliance) software

    GRC (governance, risk management and compliance) software allows publicly held companies to integrate and manage IT operations that are subject to regulation.

  • H

    Honey Encryption

    Honey Encryption is a security tool that makes it difficult for an attacker who is carrying out a brute force attack to know if he has correctly guessed a password or encryption key.

  • K

    key risk indicator (KRI)

    A key risk indicator (KRI) is a metric for measuring the likelihood that the combined probability of an event and its consequence will exceed the organization's risk appetite and have a profoundly negative impact on an organization's ability to be successful. 

  • M

    Murkogram

    A Murkogram is spam (unsolicited commercial e-mail) that includes a disclaimer to the effect that the message cannot be considered spam because it is in compliance with Bill S.1618 Title III, known as the Inbox Privacy Act. 

  • P

    pretexting

    Pretexting is a form of social engineering in which one individual lies to obtain privileged data about another individual in order to engage in identity theft or corporate espionage. A pretext is a false motive.

  • public data

    Public data is information that can be freely used, reused and redistributed by anyone with no existing local, national or international legal restrictions on access or usage.

  • S

    Sarbanes-Oxley Act (SOX)

    The Sarbanes-Oxley Act of 2002 (often shortened to SOX) is legislation passed by the U.S. Congress to protect shareholders and the general public from accounting errors and fraudulent practices in the enterprise, as well as improve the accuracy of corporate disclosures.

  • sustainability risk management (SRM)

    Sustainability risk management (SRM) is a business strategy that aligns profit goals with a company's environmental policies.

  • V

    vendor risk management (VRM)

    Vendor risk management (VRM) is a comprehensive plan for identifying and decreasing potential business uncertainties and legal liabilities regarding the hiring of third-party vendors for IT products and services.
