Key Terms 4 Flashcards

1
Q

Risk Management Guide for Information Technology Systems: a U.S. federal standard that is focused on IT risks.

A

NIST 800-30

2
Q

A focused, qualitative approach that carries out prescreening to save time and money.

A

Facilitated Risk Analysis Process (FRAP)

3
Q

Team-oriented approach that assesses organizational and IT risks through facilitated workshops.

A

Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE)

4
Q

Australia and New Zealand business risk management assessment approach.

A

AS/NZS 4360

5
Q

International standard for the implementation of a risk management program that integrates into an information security management system (ISMS).

A

ISO/IEC 27005

6
Q

Approach that dissects a component into its basic functions to identify flaws and those flaws’ effects.

A

Failure Modes and Effect Analysis

7
Q

Approach to map specific flaws to root causes in complex systems.

A

Fault tree analysis

8
Q

Central Computing and Telecommunications Agency Risk Analysis and Management Method.

A

CRAMM
