The compliance area of computer security assumes familiarity with many standards, acronyms, and processes. The following lists of terms and references is provided for your convenience.
The following programs implement compliance assessment and reporting:
Security Content Automation Protocol (SCAP)
SCAP tools (OpenSCAP)
Open Vulnerability and Assessment Language (OVAL)
eXtensible Configuration Checklist Description Format (XCCDF)
The following bodies provide compliance standards or laws:
Center for Internet Security (CIS)
Federal Information Security Management Act (FISMA)
Gramm-Leach-Bliley Act (GLBA)
Health Insurance Portability and Accountability Act (HIPAA)
Payment Card Industry-Data Security Standard (PCI DSS)
Sarbanes Oxley (SOX)