Compliance and Frameworks 3.1 Flashcards

1
Q

Compliance

A

IT security has a lot of compliance standards to meet. Laws, policies, regulations. There are many catalogs of rules based on industry or based on the data you are handling. There are potential fines, loss of employment, or even incarceration. The regulations could be domestic or international.

2
Q

Sarbanes-Oxley Act (SOX)

A

Formally the Public Company Accounting Reform and Investor Protection Act of 2002. If you are a public company, you will deal with many of these regulations.

3
Q

The Health Insurance Portability and Accountability Act (HIPAA)

A

Extensive healthcare standards for the storage, use, and transmission of health care information. Penalties for non-compliance here can be very harsh.

4
Q

The Gramm-Leach-Bliley Act of 1999 (GLBA)

A

Governs the disclosure of private customer information by financial institutions.

5
Q

Industry-Specific Frameworks

A

Control Objectives for Information and Related Technologies (COBIT).

Information Technology Infrastructure Library (ITIL).

6
Q

Control Objectives for Information and Related Technologies (COBIT)

A

Focuses on IT regulatory compliance, risk management, and aligning IT strategy with organizational goals.

7
Q

Information Technology Infrastructure Library (ITIL)

A

The framework is now known simply as ITIL. It focuses on multiple stages of the IT lifecycle: service design, service transition, service operations, service strategy, and continual service improvement.
