R-GLOSSARY Flashcards
Reciprocal agreement
Emergency processing agreements among two or more organizations with similar equipment or applications. Typically, participants promise to provide processing time to each other when an emergency arises.
Recovery action
Execution of a response or task according to a written procedure
Recovery point objective (RPO)
Determined based on the acceptable data loss in case of a disruption of operations. It indicates the earliest point in time to which it is acceptable to recover data. It effectively quantifies the permissible amount of data loss in case of interruption.
Recovery time objective (RTO)
The amount of time allowed for the recovery of a business function or resource after a disaster occurs
Redundant Array of Inexpensive Disks (RAID)
Provides performance improvements and fault-tolerant capabilities, via hardware or software solutions, by writing to a series of multiple disks to improve performance and/or save large files simultaneously
Redundant site
A recovery strategy involving the duplication of key information technology components, including data or other key business processes, whereby fast recovery can take place
Request for proposal (RFP)
A document distributed to software vendors requesting them to submit a proposal to develop or provide a software product
Residual risk
The remaining risk after management has implemented risk response
Resilience
The ability of a system or network to resist failure or to recover quickly from any disruption, usually with minimal recognizable effect
Return on investment (ROI)
A measure of operating performance and efficiency, computed in its simplest form by dividing net income by the total investment over the period being considered
Return on security investment (ROSI)
An estimate of return on security investment based on how much will be saved by reduced losses divided by the investment
Risk
The combination of the probability of an event and its consequence (ISO/IEC 73). Risk has traditionally been expressed as Threat × Vulnerabilities = Risk.
Risk analysis
The initial steps of risk management: analyzing the value of assets to the business, identifying threats to those assets and evaluating how vulnerable each asset is to those threats. It often involves an evaluation of the probable frequency of a particular event, as well as the probable impact of that event.
Risk appetite
The amount of risk, on a broad level, that an entity is willing to accept in pursuit of its mission
Risk assessment
A process used to identify and evaluate risk and potential effects. Risk assessment includes assessing the critical functions necessary for an organization to continue business operations, defining the controls in place to reduce organization exposure and evaluating the cost for such controls. Risk analysis often involves an evaluation of the probabilities of a particular event.