C Flashcards
Capability Maturity Model Integration (CMMI)
An integrated model of best practices that enable businesses to improve performance by improving their processes. Product teams developed the model with global members from across industry. The CMMI provides a best-practice framework for building, improving, and sustaining process capability.
Certificate (Certification) authority (CA)
A trusted third party that serves authentication infrastructures or enterprises and registers entities and issues them certificates
Certificate revocation list (CRL)
An instrument for checking the continued validity of the certificates for which the certification authority (CA) has responsibility
Certification practice statement (CPS)
A detailed set of rules governing the certificate authority’s operations. It provides an understanding of the value and trustworthiness of certificates issued by a given certificate authority (CA).
Chain of custody
The process of evidence handling from collection to presentation that is necessary to maintain the validity and integrity of evidence
Challenge/response token
A method of user authentication that is carried out through use of the Challenge Handshake Authentication Protocol (CHAP).
Change management
A methodical approach for controlling and implementing changes in a planned and structured manner (CMMI)
Change management
A holistic and proactive approach to managing the transition from a current to a desired organizational state, focusing specifically on the critical human or “soft” elements of change (ISACA)
Checksum
A checksum value is generated by an algorithm and associated with an input value and/or whole input file. The checksum value can be used to assess its corresponding input data or file later and verify that the input has not been maliciously altered. If a subsequent checksum value no longer matches the initial value, the input may have been altered or corrupted.
Chief information officer (CIO)
The most senior official of the enterprise who is accountable for IT advocacy, aligning IT and business strategies, and planning, resourcing and managing the delivery of IT services, information and the deployment of associated human resources
Chief information security officer (CISO)
The person in charge of information security within the enterprise
Chief security officer (CSO)
The person usually responsible for all physical and digital security matters in an enterprise
Chief technology officer (CTO)
The individual who focuses on technical issues in an enterprise.
COBIT
A broad and comprehensive I&T governance and management framework that continues to establish itself as a generally accepted framework for I&T governance. Formerly known as Control Objectives for Information and related Technology.
Compensating control
An internal control that reduces the risk of an existing or potential control weakness resulting in errors and omissions.