RoC
Report on Compliance A report produced following an assessment of compliance with PCI requirements for merchants who process a certain volume of cardholder information.
Personal Identifiable Information Information which may identify an individual person. Often used in the scope of the Data Protection Act.
Return on Investment The benefits and rewards achieved after an investment has been made, justifying the initial outlay, such as an increase in profit as a direct result of investing in ISO certification.
Risk Assessment Method Statements RAMS combine risk assessment with safe systems of work or method statements that contractors must provide before working on many sites. Method Statements detail how an activity will be carried out and should include consideration of…
Information Security Management System A structured system for managing the protection of information, often following ISO 27001. It may or may not be certified.
Information System Software or other system for collecting, storing and processing information.
Information Security The practice of protecting information from unauthorised access and use.
Senior Information Risk Owner SIRO is a role used in Government Information Assurance and is particularly prominent in the NHS and where health data is handled, often combined with other job roles.
Security Incident and Event Management The process of using products and/or services to manage security information and security events, usually by providing real-time reporting and analysis of network activity.
Plan, Do, Check, Act The cycle implemented in a management system to drive continual improvement. Based on the Deming Cycle.