{tableName=glossary, name=Cloud Control Matrix (CCm), description=
A Cloud Control Matrix (CCm) is an organizational tool used to monitor and maintain the security, availability, and reliability of cloud-based services. It is a comprehensive framework that defines the policies, procedures, and controls necessary to ensure that cloud-based services are secure and compliant with applicable regulations. The CCm is typically composed of a set of policies and procedures that define the roles and responsibilities of all parties involved in the cloud services, including cloud service providers, customers, and other stakeholders. The CCm also outlines the security controls necessary to ensure the confidentiality, integrity, and availability of the cloud services and data. Additionally, the CCm may include audit and compliance requirements, user access controls, and incident response plans. The CCm is designed to help organizations ensure that their cloud services are secure and compliant with applicable regulations., topic=null, hs_path=cloud-control-matrix-ccm}--
{tableName=glossary, name=SOC 3, description=
SOC 3 is an internationally recognized standard that is used to assess and report on the security and privacy of a service organization’s systems, processes, and controls. This standard is part of the System and Organization Controls (SOC) family of standards, developed and maintained by the American Institute of Certified Public Accountants (AICPA). The SOC 3 standard is a third-party assurance report that summarizes the results of a service organization’s system and controls review. The report is intended to provide assurance to customers, partners, and other stakeholders that the service organization has implemented effective security and privacy controls over the systems and processes that support its services. The SOC 3 report includes a description of the service organization’s system, the controls in place, and the results of the review. The report also includes an opinion from an independent auditing firm, which provides assurance that the controls are designed and implemented effectively. The SOC 3 standard is designed to help service organizations demonstrate their commitment to security and privacy, and to provide assurance to customers, partners, and other stakeholders that their data and systems are safe and secure., topic=null, hs_path=soc-3}--
{tableName=glossary, name=Ransomware Protection, description=
Ransomware protection is the process of safeguarding computer systems and networks from malicious software, or ransomware, that is designed to encrypt or otherwise restrict access to a user's data until a ransom is paid. Ransomware protection includes the use of antivirus software, firewalls, and other security measures to prevent ransomware from infiltrating a computer system or network in the first place. Additionally, it involves the implementation of backup and recovery plans that allow a user to restore their data in the event that ransomware does manage to infiltrate their system. Finally, ransomware protection also includes user education about the dangers of ransomware and how to avoid it., topic=null, hs_path=ransomware-protection}--
{tableName=glossary, name=SOC 2, description=
SOC 2 is a set of auditing standards developed by the American Institute of Certified Public Accountants (AICPA) to evaluate and validate the security, availability, processing integrity, confidentiality, and privacy of a service organization’s systems and processes. The SOC 2 audit is designed to provide assurance to customers and other stakeholders that the service organization has met the AICPA’s Trust Services Principles and Criteria. The Trust Services Principles are a set of security, availability, processing integrity, confidentiality, and privacy criteria that organizations must meet in order to demonstrate that they have taken the necessary steps to protect their customers’ data. The SOC 2 audit is conducted by a third-party audit firm and is typically conducted annually. The audit report is then made available to customers, partners, and other stakeholders. The SOC 2 audit is an important tool for organizations to demonstrate their commitment to security and data privacy, as well as to provide assurance to customers and other stakeholders that their data is secure and protected., topic=null, hs_path=soc-2}--
{tableName=glossary, name=Executive Order, description=
An executive order is a directive issued by the President of the United States with the force of law. It is issued in order to direct members of the executive branch of the federal government to take certain actions or comply with certain regulatory standards. Executive orders have the full force of law and are binding on the executive branch, though they are subject to judicial review. Executive orders are used to direct federal agencies and officials to implement policy decisions that have been made by the President, and they are often used to bypass the legislative process and circumvent congressional opposition. Executive orders are also used to establish national priorities, allocate resources, and set standards for federal agencies to follow. Executive orders are not laws passed by Congress, but they are nevertheless legally binding on the executive branch., topic=null, hs_path=executive-order}--
{tableName=glossary, name=Risk Control Self Assessment (RCSA), description=
Risk Control Self Assessment (RCSA) is a systematic process used to identify, assess, monitor, and control risks within an organization. It is a tool used to ensure that risks are managed effectively, efficiently, and in accordance with organizational objectives. The RCSA process typically involves the identification of risk areas, the assessment of the risks, the application of control measures, the monitoring of risk levels, and the review of the risk management program. The RCSA process is designed to be an ongoing cycle, with continual feedback and improvement of the risk management program. The goal of the RCSA process is to ensure that risks are identified, assessed, and managed in a timely and effective manner. The RCSA process also helps to ensure that risks are managed in a way that is consistent with the organization's objectives., topic=null, hs_path=risk-control-self-assessment-rcsa}--
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75