Quiz: Compliance

Match the correct term in the left-hand column with its description in the right-hand column.

How to take the quiz:
- After reading the question, click on the answer that you think is correct to go to the whatis.com definition. If the answer you ve chosen is correct, you will see the question text somewhere in the defintion.
OR
- After reading the question, note the letter of your answer choice. Check your answers by using the answer key at the end of the quiz.

a) Chief Information Officer b) National Computer Security Center c) ISO d) Section 508 e) ANSI f) Sarbanes-Oxley Act g) OASIS h) Electronic Industries Association i) IETF j) Can-Spam Act of 2003 k) HIPAA l) Chief Compliance Officer m) RIAA n) functional specification o) compliance p) European Telecommunications Standards Institute q) DVD Forum r) Telecommunications Act of 1996 s) Federal Information Processing Standard t) do not call list u) Telecommunications Management Network v) DARPA w) NSA x) National Institute for Standards and Technology y) Internet Architecture Board z) Society of Motion Picture and Television Engineers

1._____ This is a corporate official in charge of overseeing and managing compliance issues within an organization, ensuring, for example, that a company is complying with regulatory requirements, and that the company and its employees are complying with internal policies and procedures. 2. _____This is legislation enacted in response to the high-profile Enron and WorldCom financial scandals to protect shareholders and the general public from accounting errors and fraudulent practices in the enterprise. 3. _____This is legislation enacted in the United States that places restrictions on unsolicited bulk mail (UBE), such as requiring valid sender contact information and opt-out mechanisms. 4._____ This is a state of accordance with established standards, specifications, or legislation. 5._____This is a U.S. government organization within the National Security Agency (NSA) that evaluates computing equipment for high security applications to ensure that facilities processing classified or other sensitive material are using trusted computer systems and components. 6._____This is legislation with two sections: Title I deals with protecting health insurance coverage for people who lose or change jobs; Title II includes an administrative simplification section which deals with the standardization of healthcare-related information systems (IT industry references are usually about HIPPA Title II). 7._____This is an organization that represents the music recording industry's intellectual property rights. 8.____This is legislation designed to stimulate competition that specifies: how local telephone carriers can compete; how and under what circumstances local exchange carriers (LEC) can provide long-distance services; and the deregulation of cable TV rates. 9. _____This is a registry of phone numbers in the United States that telemarketers are prohibited from calling in most circumstances. 10._____ This is an international organization made up of companies using or manufacturing DVD-related products.

SCROLL DOWN FOR ANSWER KEY

• Read this column on best practices for managing compliance with security standards.
• Understand the implications of Sarbanes-Oxley for the security manager in this column.
• Have your HIPAA compliance efforts been pushed to the back burner? Find out why now is a good time for a HIPAA status check.

ANSWER KEY: 1l; 2f; 3j; 4o; 5b; 6k; 7m; 8r; 9t; 10q

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Data Security Breach Laws and Notification Web 2.0 and e-discovery: Risks and countermeasures Data breaches caused by employee errors, process failures RSA attendees see data classification, rights management projects stumble Next version of PCI DSS due in September Hannaford breach illustrates dangerous compliance mentality Worst practices: Recognizing the biggest compliance mistakes Why are there still various independent credit card security standards? TJX offers $40.9 million breach settlement Data breach costs soar With data breach costs soaring, companies should review data sharing policies Data Security Breach Laws and Notification Research Gramm-Leach-Bliley Act (GLBA) The road to compliance IBM to boost security spending, push PCI DSS program ISO 27001 could bridge the regulatory divide, expert says Policies and regulatory compliance Where hard drives go to die, or do they? Compliance guide for managers: Lessons learned and best decisions Become compliant -- without breaking the bank Compliance Guide for Managers Making sense of the maze CSOs seek regulatory sanity in 2006 Gramm-Leach-Bliley Act (GLBA) Research FISMA Learn from NIST: Best practices in security program management At RSA, feds seek help to close widening cybersecurity gaps House legislators rip Bush's Cyber Initiative plan Industry group uses awareness month to lobby for data breach laws TJX should have had stronger Wi-Fi encryption, say Canadian officials Data breaches, compliance drive intellectual property protection HP targets energy compliance with appliance Private sector should learn from government insecurity Feds get average FISMA grade View Point FISMA Research

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Federal Information Security Management Act  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary