Chapter 1 Flashcards

1
Q

Risk Assessment

A

Risk assessment is the process or identifying, estimating and ranking potential risks to an organisation, including its operations, assets, people and the country, resulting from using information systems.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Risk Management Tiers

A

Risk assessments can be conducted at three tiers: Tier 1 (organizational level,) Tier 2 (mission/business process level), and Tier 3 (information system level).

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Risk Management Processes

A

Risk Management processes encompass four key components: framing risk, assessing risk, responding to risk, and monitoring risk.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Framing Risk

A

The process of creating a strategy that shows how an organisation intends to assess, respond to and monitor risk.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Assessing Risk

A

Assessing risk is the process of identifying relevant threats, vulnerabilities, potential impacts, and the likelihood of harm.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Responding to Risk

A

It involves providing a consistent, organisation-wide response to risk by developing alternative courses of action, evaluating them, and determining an appropriate course of action that aligns with the organisation’s risk tolerance.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Monitoring Risk

A

Involves checking the effectiveness of risk responses, identifying changes, and ensuring that planned risk responses are implemented to meet security requirements.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Risk Tolerance

A

An organisations willingness to accept and manage risk, guiding decisions on how much risk is acceptable.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Vulnerability

A

Vulnerabilities are weaknesses in systems or assets that could be exploited to cause harm or loss.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Threat

A

A threat is anything that can potentially harm or damage an organisation, its assets or its operations.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly