Governance, Risk, and Compliance

Question 1

MTTR

Mean Time To Repair

Answer 1

a measure of time taken to correct a fault to restore the system to full operation

often used to describe the average time to replace or recover a system or product

Question 2

Mission Essential Function

Answer 2

things that must be performed by an organization to meet its mission

Question 3

MTBF

Mean Time Between Failures

Answer 3

average time between system breakdowns

crucial maintenance metric to measure performance, safety, and equipment design

can also be used to determine the reliability of an asset

Question 4

Data Ownership Roles

Answer 4

• Data Owner
• Data Steward
• Data Custodian
• Privacy Officer

Question 5

SPI

Sensitive Personal Information

Answer 5

information about a subject’s opinions, beliefs, and nature afforded specially protected status by privacy legislation

Question 6

GLBA

Grmm-Leach-Bliley Act

Answer 6

a U.S. law that requires financial institution to explain how they share and protect their customers’ private information

Question 7

Risk Severity = ? * Impact

Answer 7

Likelihood of occurrence

Question 8

DPO

Data Protection Officer

Answer 8

They oversee the organization’s data protection strategy and implementation, and make sure that the organization complies with the GDPR

Question 9

SLA

Service Level Agreement

Answer 9

defines the level of service the customer expects from the service provider

the level of service definitions should be specific and measurable in each area

Question 10

MOU

Memorandum of Understanding

Answer 10

a legal document that describes a mutual agreement between parties

Question 11

ISA

Interconnection Security Agreement

Answer 11

an agreement that specifies the technical and security requirements of the interconnection security requirements of the interconnection between organizations

Question 12

BPA

Business Partnership Agreement

Answer 12

a legal agreement between partners

establishes the terms, conditions, and expectations of the relationship between the partners

Question 13

Data Custodian

Answer 13

A custodian configures data protection based on security policies

Question 14

Data Owner

Answer 14

Data owners assign labels such as top secret data

Question 15

RPO

Recovery Point Objective

Answer 15

specifies the allowable data loss

the amount of times that can pass during an interuption before the quantity of data lost during that period surpasses business continuity planning’s maximum threshold

Question 16

BIA

Business Impact Analysis

Answer 16

helps to identify critical systems by determining which systems will create the largest impact if they are not available