Regulatory Risk Management: What Do These Acronyms Mean, and How They Apply
Rajesh Unadkat
There are a lot of acronyms in the business world, especially when it comes to regulatory bodies and risk management. So many, in fact, that it can be hard to keep them all straight. On that note, we’ve put together a helpful list of some of the most important acronyms when it comes to regulatory compliance.
- ISO: International Organization for Standardization. An organization made up of representatives from standards organizations from around the world, tasked with creating international regulatory standards for businesses.
- SOX: The Sarbanes–Oxley Act of 2002. Also known as the “Public Company Accounting Reform and Investor Protection Act” and the “Corporate and Auditing Accountability, Responsibility, and Transparency Act.” Created in the wake of corporate scandals such as Enron, SOX created criminal penalties for misconduct by corporate executives.
- FCPA: The Foreign Corrupt Practices Act. Prohibits the paying of bribes to officials from foreign governments.
- HIPAA: The Health Insurance Portability and Accountability Act. Passed in 1996, HIPAA sets industry-wide standards for how the confidential information of health insurance customers can be collected, stored, and shared between businesses and organizations. HIPAA was created to make it easier for customers to continue insurance coverage after switching or losing jobs and to reduce fraud.
- HITECH: The Health Information Technology for Economic and Clinical Health Act. Passed as a part of the American Recovery and Reinvestment Act of 2009, HITECH created incentives for health insurance providers to adopt electronic health record (EHR) systems and other advanced healthcare information technology.
- NIST: The National Institute of Standards and Technology. Founded in 1901, to this day NIST creates and manages the nation’s standard measurements for everything from nanomaterials to skyscrapers.
- FedRAMP: The Federal Risk and Authorization Management Program. A government-wide program for creating a standardized approach to security assessment, authorization, and continuous monitoring for cloud-based services and products.
Aruvio’s continuous GRC makes compliance and risk management easy through automation. Request a demo today at 855-927-8846.