Chief Executive Officer
| CFO | Chief Financial Officer |
| CGTF | Corporate Governance Task Force |
| CIO | Chief Information Officer |
| CISO | Chief Information Security Officer |
| CobIT | Control Objectives for Information and related Technology |
| CoE | Council of Europe |
| COO | Chief Operating Officer |
| CPO | Chief Privacy Officer |
| CRO | Chief Risk Officer |
| CSO | Chief Security Officer |
| DHS | Department of Homeland Security |
| DP | Data Protection |
| DR | Disaster Recovery |
| EA | External Audit |
| ECPA | Electronic Communications Privacy Act |
| EEA | Economic Espionage Act |
| ERM | Enterprise Risk Management |
| ESP | Enterprise Security Program |
| ESS | Enterprise Security Strategy |
| EU | European Union |
| FIPS | Federal Information Processing Standard |
| FISMA | Federal Information Security Management Act |
| FTC | Federal Trade Commission |
| GC | General Counsel |
| GLBA | Gramm-Leach-Bliley Act |
| HIPAA | Health Insurance Portability and Accountability Act |
| HR | Human Resources |
| IA | Internal Audit |
| IATO | Interim Authorization To Operate |
| IFAC | International Federation of Accountants |
| IIA | Institute of Internal Auditors |
| IR | Incident Response |
| ISACA | Information Systems Audit and Control Association |
| ISO | International Organization for Standardization |
| ISSA | Information Systems Security Association |
| IT | Information Technology |
| ITGI | IT Governance Institute |
| KPI | Key Performance Indicator |
| MLAT | Mutual Legal Assistance Treaty |
| NIST | National Institute of Standards and Technology |
| OCTAVE | Operationally Critical Threat, Asset, and Vulnerability Evaluation |
| OP | Operational Personnel |
| P6STNI | People, Products, Plants, Processes, Policies, Procedures, Systems, Technologies, Networks, and Information |
| PDA | Personal Digital Assistant |
| PIPEDA | Personal Information Protection and Electronic Documents Act |
| PIA | Privacy Impact Assessment |
| PII | Personally Identifiable Information |
| PIV | Personal Identity Verification |
| POAM | Plans Of Action and Milestones |
| PR | Public Relations |
| RFID | Radio Frequency Identification |
| RMP | Risk Management Plan |
| ROI | Return On Investment |
| RTO | Recovery Time Objectives |
| SCADA | Supervisory Control And Data Acquisition |
| SDLC | System Development Life Cycle |
| SEC | Securities & Exchange Commission |
| SOD | Segregation Of Duties |
| SRMP | Security Risk Management Plan |
| USCCU | U.S. Cyber Consequences Unit |
| VOIP | Voice Over Internet Protocol |
| X-team | Cross organizational ESP team |