Quick Tips 2 Flashcards
A BLANK, also called a safeguard or control, mitigates the risk.
countermeasure
A BLANK can be administrative, technical, or physical and can provide deterrent, preventive, detective, corrective, or recovery protection.
control
A BLANK is an alternate control that is put into place because of financial or business functionality reasons.
compensating control
BLANK is a framework of control objectives and allows for IT governance.
CobiT
BLANK is the standard for the establishment, implementation, control, and improvement of the information security management system.
ISO/IEC 27001
The BLANK series were derived from BS 7799 and are international best practices on how to develop and maintain a security program.
ISO/IEC 27000
BLANK are used to develop architectures for specific stakeholders and present information in views.
Enterprise architecture frameworks
An BLANK is a coherent set of policies, processes, and systems to manage risks to information assets as outlined in ISO/IEC 27001.
information security management system (ISMS)
BLANK is a subset of business architecture and a way to describe current and future security processes, systems, and subunits to ensure strategic alignment.
Enterprise security architecture
BLANK are functional definitions for the integration of technology into business processes.
Blueprints
BLANK are used to build individual architectures that best map to individual organizational needs and business drivers.
Enterprise architecture frameworks
BLANK is an enterprise architecture framework, and BLANK is a security enterprise architecture framework.
Zachman, SABSA
BLANK is a governance model used to help prevent fraud within a corporate environment.
COSO
BLANK is a set of best practices for IT service management.
ITIL
BLANK is used to identify defects in processes so that the processes can be improved upon.
Six Sigma