Concepts Flashcards
Personnel security consists
of the application of measures designed to ensure that access to EUCI is granted only to those who: - have a need to know the information
Physical security consists
of the application of physical and technical protective measures designed to deter unauthorised access to EUCI
Intelligence Cycle:
Planning and Direction, Collection, Processing and Exploitation, Analysis and Production, Dissemination, Re-evaluation
Risk:
The combination of the probability of an event and its impact
Security Risk Management Process (2015/444)
means the entire process of identifying, controlling and minimising uncertain events that may affect the security of an organization or any of the systems it uses.
It covers the entirety of risk-related activities, including assessment, treatment, acceptance and communication.
Threat (2015/444)
means a potential cause of an unwanted incident which may result in harm to an organization, or any system it uses. Such threats may be accidental or deliberate (malicious) and are characterized by threatening elements, potential targets and attack methods.
Vulnerability (2015/444)
means a weakness of any nature that can be exploited by one or more threats. A vulnerability may be an omission or it may relate to a weakness in controls in terms of their strength, completeness or consistency and may be of a technical, procedural, physical, organisational or operational nature.
Effective Risk Management (ISO 31000) principles
Integrated, Structured and Comprehensive, Customized, Inclusive, Dynamic, Best available information, Human and cultural factors, Continual improvement
Risk Assessment (ISO 31000)
Risk assessment is the overall process of risk identification, risk analysis and risk evaluation.
Risk options
Avoiding, taking, removing the risk source, changing the likelihood, changing the consequences, sharing the risk, retaining the risk by informed decision.
ISO 31010
Risk management - Risk assessment techniques