Shared Flashcard Set

Details

CISSP (ElementK) Info Security & Mgt Goals
CISSP, Element K 2nd Edition, Lesson 4
10
Computer Science
Professional
11/17/2009

Cards

Term
Organization Goals
Definition
Vision
Mission
Term
Organizational Structure
Definition
Staff
Line
Matrix
Term
Audit Committee
Definition
Accuracy of corp. records, tax reporting, Sarbanes-Oxley (SOX) Act compliance
Term
Governance Requirements (5)
Definition
Strategic alignment of Info Security w/business strategy
Risk mgt
Resource mgt
Perf measurement
Value delivery
Term
ISO Role
Definition
Understand business
Budget
Develop
Train
Ensure compliance
Promote awareness
Inform
Measure
Assist
Report
Term
Organizational Security Model
Definition
Depends on governance structure, security goals, regulatory environment, & risk level.
Term
Job Rotation
Definition
Exposing EEs to different job areas (creates highly qualified staff, exposes improper staff activity and security violations, reduces risk of individual criminal acts)
Term
SoD Security Application
Definition
Individual is unable to complete all phases of a process (computer crimes are less likely to occur)
Term
Mandatory Vacation Security Application
Definition
Force EE to take vacation to investigate EE activities
Term
Job Position Security Application
Definition
Determine N2K for job function
Document into Sensitivity Profile
Administrators assign authorization permissions to individuals based on Sensitivity Profile.