Legal and Regulatory Requirements Flashcards

1
Q

OMB

A

Office of Management and Budget - issues executive standards that need to be followed and are mandated for federal agencies

2
Q

FISMA governed by

A

OMB A-130

FISMA is Federal Information Security Management Act

3
Q

OMB separates FISMA into two different types of systems

A

1) Federal and non-National Security Systems - NIST, FIPS (Federal Information Processing Standards), SP (Special Publications) 800 series
2) National Security Systems - CNSS (Committee on National Security Systems) - policies and instructions - creates Executive Order 13231, chaired by DoD

4
Q

Executive Order 13231

A

Establishes the US President's intent to secure national infrastructure

5
Q

CNSS

A

Committee on National Security Systems

  • Discuss policy issues
  • Set policy
  • Set procedures and guidance for NSS (National Security Systems)
6
Q

CNSSP

A

Committee on National Security Systems Policy

Establishes requirements

7
Q

CNSSI

A

Committee on National Security Systems Instruction

Instructions on how to handle information

8
Q

HSPD-7

A

Homeland Security Presidential Directive - HSPD-7 - policy of the US to enhance the protection of our nation’s critical infrastructure against terrorist acts

9
Q

Public Law 107-347 - eGovernment Act of 2002

A

Identified the importance of information security to the US

FISMA - Title III of the E-Government Act - Federal Information Security Management Act, which required federal agencies to provide security for the information and information systems that support the organization

10
Q

OMB M-00-13

A

Agencies must post clear Privacy Policies on Agency websites

11
Q

OMB M-02-01

A

Guidance for preparing and submitting POA&Ms

12
Q

Privacy Act of 1974 (Update 2004)

A

Balance government’s need to maintain information on individuals (PII - personally identifiable information)

13
Q

Other Important Legislation - HIPAA

A

Health Insurance Portability and Accountability Act - patients should have access to their health records, upholding privacy of patients

14
Q

Other Important Legislation - HITECH

A

Health Information Technology for Economic and Clinical Health - promote meaningful use of health information technology

15
Q

Other Important Legislation - Clinger-Cohen Act of 1996

A

Improve the way the Federal Government uses IT

16
Q

Other Important Legislation - GLBA - Financial Modernization Act of 1999

A

Gramm-Leach-Bliley Act - financial institutions explain how they share and protect their customers’ information

17
Q

Other Important Legislation - PCI DSS

A

Payment Card Industry Data Security Standard - security standard for how credit cards are handled