Information Security Industry Acronyms | Optiv

April 19, 2013

Information security is one of the fastest-growing industries because organizations need to protect their data. For those who want to learn about information security, one of the first steps is to understand the acronyms. While there are literally thousands of industry acronyms, we created this short list of some of the most common ones to give newcomers a head start.

  • AD - Active Directory
  • API - Application Program Interface
  • ASV - Authorized Security Vendor
  • C&A - Certification and Accreditation
  • CA - Certification Authority
  • CISA - Certified Information Security Auditor
  • CISO - Chief Information Security Officer
  • CISSP - Certified Information Systems Security Professional
  • ComSec - Communications Security
  • CSA - Cloud Security Alliance
  • CSTA - Certified Security Testing Associate
  • CSTP - Certified Security Testing Professional
  • DDOS - Distributed Denial of Service (attack)
  • eDiscovery - Short for Electronic Discovery
  • eSAS - eLearning Security Awareness Solution
  • ESI - Electronically Stored Information
  • FISMA - Federal Information Security Management Act
  • FRCP - Federal Rules of Civil Procedure
  • GIAC - Global Information Assurance Certification
  • GLBA - Gramm–Leach–Bliley Act (also known as the Financial Services Modernization Act of 1999)
  • GRC - Governance Risk & Compliance
  • HIE - Health Information Exchange
  • HIPAA - Health Insurance Portability and Accountability Act
  • HITECH - Health Information Technology for Economic and Clinical Health Act
  • HTTP - Hypertext Transmission Protocol
  • HTTPS - Secured Hypertext Transmission Protocol
  • IA - Information Assurance
  • IAG - Identity & Access Governance
  • IAM - Identity & Access Management
  • IDS - Intrusion Detection System
  • IIS - Internet Information Services
  • IM - Incident Management
  • InfoSec - Information Security
  • IRRA - Incident Response Risk Assessment
  • ISACA - Information Systems Audit and Control Association
  • ISMS - Information Security Management System
  • ISPM - Information Security Program Model
  • ISSA - Information Security Systems Association
  • IT - Information Technology
  • LMS - Learning Management System
  • MA - Management Agent
  • MDM - Mobile Device Management
  • MLS - Multilevel Security
  • MSS - Managed Security Services
  • MSSP - Managed Security Services Program or Managed Security Services Provider
  • NSA - National Security Agency
  • OPSec - Operations Security
  • PCI - Payment Card Industry
  • PCI-DSS - Payment Card Industry Data Security Standards
  • Pen Test - Penetration Test
  • QSA - Qualified Security Assessor
  • RMF - Risk Management Framework
  • SAS - Statement on Auditing Standards (SAS 70)
  • SCORM - Sharable Content Object Reference Model
  • SDLC - Software Development Lifecycle
  • SEM - Security Event Management
  • SIEM - Security Information Event Management
  • SIM - Security Information Management
  • SIM - Subscriber Identity Module
  • SOX - Sarbanes-Oxley Act
  • SSL - Secure Socket Layer
  • SSO - Single Sign-On
  • SSPM - Self-Service Password Management
  • UTM - Unified Threat Management

By: Randy Pringle

Solutions Marketing Manager
