How the Affordable Care Act impacts information security

Information Security Policies, Procedures and Guidelines

  • segregation of duties (SoD)

    Segregation of duties (SoD) is an internal control designed to prevent error and fraud by ensuring that at least two individuals are responsible for the separate parts of any task. SoD involves breaking down tasks that might reasonably be completed b... 

  • four eyes principle

    The four eyes principle is a requirement that two individuals review and approve some action before it can be taken. In a business context, the two individuals are often the CEO and the CFO. However, the principle can be applied to decisions at all l... 

  • confidentiality, integrity, and availability (CIA)

    Confidentiality, integrity, and availability (CIA) is a model designed to guide policies for information security within an organization. In this context, confidentiality is a set of rules that limits access to information, integrity is the assurance... 

  • information-centric security

    Information-centric security is an approach to information security that emphasizes the security of the information itself rather than the security of networks, applications, or even simply data.

  • PCI Security Standards Council

    The PCI Security Standards Council is an organization created by the major credit card companies in an effort to better protect credit card holder data. 

  • PA-DSS (Payment Application Data Security Standard)

    Payment Application Data Security Standard (PA-DSS) is a set of requirements that are intended to help software vendors develop secure payment applications that support PCI DSS compliance. 

  • PCI policy

    A PCI policy is a type of security policy that covers how an organization addresses the 12 requirements of the Payment Card Industry Data Security Standard (PCI DSS). 

  • defense in depth

    Defense in depth is the coordinated use of multiple security countermeasures to protect the integrity of the information assets in an enterprise...

  • security policy

    In business, a security policy is a document that states in writing how a company plans to protect the company's physical and information technology (IT) assets. 

  • non-disclosure agreement (NDA)

    A non-disclosure agreement (NDA) is a signed formal agreement in which one party agrees to give a second party confidential information about its business or products and the second party agrees not to share this information with anyone else for a sp... 

About Information Security Policies, Procedures and Guidelines

Browse the articles and tips in this section for the latest information on how to create, manage and implement effective information security policies, procedures and guidelines, such as acceptable use, device and remote access policies.