Risk Management Flashcards

1
Q

What are standard operating procedures?

A

Important day-to-day processes that happen regularly through the same steps

2
Q

What are interoperability agreements?

A

Legal documented agreements

3
Q

What are some examples of common agreements?

A
Service Level Agreement (SLA)
Business Partners Agreement (BPA)
Interconnection Security Agreement (ISA)
Memorandum of Understanding (MOU)
Memorandum of Agreement (MOA)
4
Q

What are examples of business policies?

A
Mandatory Vacations (for better chance of identifying fraud)
Job rotation (no one maintains control for long period of time)
Separation of duties (no single person has all the details for a function)
Dual control (both people must be present to perform the action)
Clean desk policy (limit exposure)
5
Q

What is an Acceptable Use Policy (AUP)?

A

Detailed documentation of different topics regarding the organization - Internet, Telephone, Computer, etc.

6
Q

What is role-based security awareness training?

A

User training to pass down the responsibilities for each of them

7
Q

Who is the data owner?

A

Executive level manager, responsible for the security of the data and compliance

8
Q

What is a system administrator?

A

Administrator of the systems that enable the application and data

9
Q

What is a system owner?

A

Someone that makes decisions about the overall operation of the application and data
Defines security and backup policies
Manages changes and updates

10
Q

What are some user roles?

A

User
Privileged user
Executive user

11
Q

What are important points when considering the impact?

A
Life
Property
Safety
Finance
Reputation
12
Q

What is a Privacy Threshold Analysis (PTA)?

A

The first process into compliance, where privacy-sensitive business processes are identified and determined

13
Q

What is a Privacy Impact Assessment (PIA)?

A

Assessment to ensure privacy laws and regulations
Know what PII is collected and why
How the PII is collected, used and secured
