Tools Flashcards
What is an alternate name for the PDCA?
The Plan-Do-Check-Act model of total quality management is also known as the Deming Cycle.
What is the Plan component of PDCA?
Define root causes, events, problems, and then analyze them.
What is the Do component of PDCA?
The development of a solution, a detailed action plan. The goal is to write a plan that will be used continuously as a test/trial and not to sit and gather dust on the shelf. Finally, Implement the plan as part of DO.
What is the Check component of PDCA?
During the check stage the outcomes are compared against the plan and deviations/issues are identified.
What is the ACT component of PDCA?
Standardize the solution if it is working and review any deviations/issues and then restart the PDCA cycle if needed.
What is SWOT and what does it stand for?
Strengths
Weaknesses
Opportunities
Threats
SWOT is a situational business process that can be adapted to security, which focuses on internal and external factors.
Define SMART. What is it used for?
Goal Setting:
Specific
Measurable
Aggressive but Achievable
Realistic
Time Bound
What are the 6 steps and sub-steps for preparing an Organizational Resilience plan according to ASIS?
1) Start: Know the Organization
2) Security Policy: Obtain high level commitment
3) Planning: Risk assessments and Impact analysis’s
4) Implementation and operation
4a: Organizational structures and responsibility needed to develop the strategic plan.
4b: Training, awareness, and competence.
4c: Communication
4d: Documentation4e: Incident preparedness and response plans
5) Checking and Corrective Action
5a: Performance evaluation
5b: Monitoring and Measurement
5c: Important Business records.
5d: Audits.
6) Management Review
What is ESRM?
Enterprise Security Risk Management is a strategic approach to security management that ties an organizations security practice to the overall strategy.
