Domain 1: Security and Risk Management Flashcards
Audit/Auditing
The tools, processes, and activities used to perform compliance reviews.
Availability
Ensuring timely and reliable access to and use of information by authorized users.
Business Continuity (BC)
Actions, processes, and tools for ensuring an organization can continue critical operations during a contingency.
Business impact analysis (BIA)
A list of the organization’s assets, annotated to reflect the criticality of each asset to the organization.
Compliance
Adherence to a mandate; both the actions demonstrating adherence and the tools, processes, and documentation that are used in adherence.
Confidentiality
Preserving authorized restrictions on information access and disclosure, including means for protecting personal privacy and proprietary information.
Data subject
The individual human related to a set of personal data.
Disaster recovery (DR)
Those tasks and activities required to bring an organization back from contingency operations and reinstate regular operations.
Due care
A legal concept pertaining to the duty owed by a provider to a customer.
Due diligence
Actions taken by a vendor to demonstrate/provide due care.
Governance
The process of how an organization is managed; usually includes all aspects of how decisions are made for that organization, such as policies, roles, and procedures the organization uses to make those decisions.
Governance committee
A formal body of personnel who determine how decisions will be made within the organization and the entity that can approve changes and exceptions to current relevant governance.
Guidelines
Suggested practices and expectations of activity to best accomplish tasks and attain goals.
Integrity
Guarding against improper information modification or destruction and includes ensuring information non-repudiation and authenticity.
Intellectual Property
Intangible assets (notably, includes software and data).