Chapter 2: Personnel & Risk Management

Больше похоже на это

Operating System - OS

от Jesus Anelio Reyes Azuero

coll 100 concept map

от Luis Leon

The 8 Functional Areas of Human Resources

от July Alejandra Sierra Velandia

Layered Application

от Daniel Sima

Establish Security Training

Overview

Education

Training

Awareness

Chapter 2: Personnel & Risk Management

Apply Risk Management Concepts

Risk Framework

Monitor

Authorize

Assess

Implement

Select

Categorize

Continuous Improvement

Tangible and InTangible that leads to valuation of assets

Monitoring & Measurement

Implementation

Defense in Depth

Types of Controls

Directive

Recovery

Corrective

Compensating

Detective

Preventive

Deterrent

Physical

Administrative

Technical

Countermeasure Selection and Assessment

Provide Fail Safe and/or Fail Secure Options

Overrides to Privileged Users Only

Tamperproof

Risk Assignment/ Acceptance

Understand Control Gap

Rejection

Acceptance

Assignment

Mitigation

Risk Assessment/ Analysis

Qualitative

Quantitative Risk

Calc Safeguard Cost/Benefit

Calc Safeguard Costs

Calc ALE w/ Safeguard

Annualized Loss Expectancy

Annualized Rate of Return

Single Loss Expectancy

Exposure Factor

Identify Threats and Vulnerabilties

Disgruntled Employees

Users Errors

Viruses

Risk Terminology

Breach

Attack

Safeguard

Risk

Exposure

Vulnerability

Threats

Asset Valuation

Asset

Security Governance

Documentation Review

ATO/TATO

3rd Party Governance

Definition

Personnel Security Policies

Employment Items

Vendors & Consultants

Policy

SOX

HIPPA

Compliance

SLA's

Termination

Agreement/ Policies

Screening

Concepts

Job Rotation

Peer Auditing & Collusion

Job Responsibilities

Least Privilege

Separation of Duties

Collusion

Job Description 1st