Shared Flashcard Set

Details

ISO/IEC 27001
Principles
4
Other
Beginner
02/09/2019


Cards

Term

Risk

 

Risk Management 

 

Threat 

 

Vulnerability

 

Information security 

Definition

Risk - Likelihood of something happening

 

Risk Management - Process to identify information security risks and to evaluate and deal with those matters

 

Threat - Anything that can harm information. Man-made or natural

 

Vulnerability - Weakness that can be used to harm information asset

 

Information asset - Content of valuable information and its container

Term

Context of an organisation

 

Three parts

Definition

External - Economic, social, political etc.

 

Internal - Company culture, contracts, employees etc.

 

Interested parties and their needs and expectations - Competitors, clients, associates, authorities etc. 

Term
Scope
Definition

Boundaries and applicability of the ISMS

 

Can cover either:

- Entire organisation

- Parts of the organisation

 

Considerations:

- Internal/External parties

- Interested parties and their needs and expectations

- Interfaces and dependencies (suppliers etc.)

Term
Leadership and Management
Definition

Scope decides where to implement 

 

But implementation should start with Top Management

 

Must demonstrate leadership and commitment

 

Their respect for the ISMS is vital
