study set 1 Flashcards
What are the 4 canons of the Code of Ethics?
- Protect society, the commonwealth and the infrastructure
- Act honorably, honestly, justly, responsibly, and legally
- Provide diligent and competent service to principals
- Advance and protect the profession
Known as a program policy
Organizational security policy
ISO 27002
Provides practical advice on how to implement security controls; uses 10 domains to address the ISMS
ISO 27005
Approach to risk management
What are the risk control frameworks?
- COSO
- COBIT
- ISO 27001
- NIST SP 800-53 (government agencies)
Long-term focus on sustaining operation of the business following a disaster
Business Recovery Plan
What type of policy is mandatory and consists of high-level statements that support the strategic goals of the organization?
Organizational security policy
A risk methodology that focuses on IT systems rather than on organizational strategy
NIST SP 800-30
A system that meets the requirements of the data owner is said to have received?
Certification
A dollar figure that represents what the asset is worth to the organization
Asset Value (AV)
ITADA
Identity Theft and Assumption Deterrence Act
BIA
Business Impact Analysis
ECPA
Electronic Communications Privacy Act
Restricts government interception of communications
CISO
Chief Information Security Officer
SCI
Sensitive Compartmented Information
Which standard comes from ISACA?
COBIT
Responding to a risk is called?
Risk mitigation
The key items in privacy protection for data processors are?
Training and auditing
Identifies assets, threats and vulnerabilities
Risk assessment
The 7 phases of BCP
- Project Initiation
- Business Impact Analysis
- Recovery Strategy
- Plan Design and Development
- Implementation
- Testing
- Maintenance
What will help you decide on the correct risk mitigation strategy?
Cost/benefit analysis
ISO 27004
Metrics
TCO
Total cost of ownership
The total cost of implementing a safeguard, including maintenance fees
Ensures that stakeholders' needs, conditions and options are evaluated.
Governance