|
UAF
Concept
|
HOPEX
Concept
|
Definition
|
|---|---|---|
|
regulatory framework
|
regulatory framework
|
A regulatory framework is an authority document falling under any of following categories: regulations (rules of law that, if not followed, can result in penalties), guidelines, standards, best practices.
|
|
policy framework
|
policy framework
|
A policy framework represents internal documents issued by the Organization, such as code of conducts, standard security measures and similar.
|
|
control directive
|
control directive
|
A control directive is an interpretation of the law and contributes to the enforcement of any regulation article your organization has to comply with.
|
|
risk
|
risk
|
A risk is a hazard of greater or lesser probability to which an organization is exposed.
|
|
risk type
|
risk type
|
A risk type defines a risk typology standardized within the context of an organization.
|
|
business policy
|
business policy
|
A business policy is a directive whose purpose is to govern or guide the company. A business policy serves as the basis for defining business rules and governing corporate processes. A business policy is always under the control of the company. It allows to control, guide and formalize the strategies and tactics of the company.
|