Chapter 3

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

security systems development lifecycle

a formal approach to designing information security progams that follows the methodology of a traditional cycle

Stakeholder

A person or organization that has a "stake" or vested interest in a particular aspect of the planning or operation of the organization in this case, the information assets used in a particular organization

Joint Application Design

A systems development approach that incorporated teams of representatives from multiple constituencies, including users, management, and IT, each with a vested interest in the project;s success.

Governance, risk management and compliance

An approach to information security strategic guidance from a board of directors or senior management perspective that seeks to integrate the three components of infromation security ... .... .....

controls and safeguards

Security mechanisms, policies, or procedures that can sucessfully counter attacks, reduce risk, resolve vulnerabilities, and otherwise improve security within an organization

Strategic Planning

The process of defining and specifying the long term direction to be taken by an organization, and the allocation and acquisition of resources needed to pursue this effort

vulnerability assessment

The process of identifying and documenting specific and provanle flaws in the organizations infromation asset environment

Governance

The set of responsibilities and practices exercised by the board and executive management with the goal of providing strategic direction, ensuring that objectives are achieved ascertaining that risks are managed appropriately, and verifying that the enterprise's resources are used responsibly

Methodology

a formal approach to solving a problem based on a structured sequence of procedures, the use of which ensures a rigorous process and increases the likelihood of achieving the desired final objective

champion

a high level executive such as CIO who will provide political support and influence for a specified project

penetration testing

a set of security tests and evaluations that stimulate attacks by a malicious external source

penetration tester

an information security professional with authorization to attempt to gain system access in an effort to identify and recommend resolutions for vulnerabilities in those systems

Voir tous les ensembles d'études

Chapter 3

Ensembles d'études connexes

Micro Ch 2 LearnSmart

pharm chapter 55

Cardiovascular Surgery Care

Ch. 1 Intro to Pharmacology prepU

Introduction to Computers: Fill in the Blank

Fitness for Life Q2 Unit 5

3CTIAAAAAAAAAAAAA

TXGOVT Chapter 1

Nutrition - Chapter 4

OEH 5013 Quiz 1 Info

Anthropology Test Chapter 3- Ethnographic Research: its history, methods and theories

GEOLOGY MIDTERM

DU Entrance Exam: Survey of Art History

civis and Government

Ch.7 Using Consumer Loans

Biology 106

Exam 1

Saunders Chapter 7 practice questions

midterm practices questions

Midterm