Search results
Jump to navigation
Jump to search
- ...dance with the defined acceptance plan and based on an impact and resource assessment that includes performance sizing in a separate test environment by an indep '''Risk Association Control Activities:'''<br> ...3 KB (497 words) - 14:57, 23 June 2006
- ...ore broadly-focused of these two fields, IA consists more of the strategic risk management of information systems rather than the creation and application ...of the threats' impact and the probability of their occurring is the total risk to the information asset. ...7 KB (983 words) - 10:41, 15 April 2012
- ...ablished in the Asset Protection Policy, Acceptable Use Policy, and Threat Assessment and Monitoring Policy.<br> ...port the objectives established in the Asset Protection Policy, and Threat Assessment and Monitoring Policy.<br> ...8 KB (1,023 words) - 17:25, 24 October 2006
- =='''Sample Threat Assessment Standard'''== ...Policy''']] defines objectives for establishing specific standards on the assessment and ongoing monitoring of threats to Company information assets.<br> ...8 KB (1,149 words) - 14:09, 1 May 2010
- '''ME 1.4 Performance Assessment'''<br> '''Risk Association Control Activities:'''<br> ...2 KB (263 words) - 12:37, 4 May 2006
- ::'''(B)''' an assessment (made on the basis of the results of the testing) of compliance with—<br> ...ny information security vulnerability in such system commensurate with the risk and in accordance with all applicable laws.<br> ...4 KB (682 words) - 19:17, 3 June 2010
- [[PO1.3:| 1.3 Assessment of Current Performance]]<br> [[PO4.8:| 4.8 Responsibility for Risk, Security and Compliance]]<br> ...4 KB (517 words) - 19:07, 14 June 2007
- Identify and initiate remedial actions based on the performance monitoring, assessment and reporting. This includes follow-up of all monitoring, reporting and ass '''Risk Association Control Activities:'''<br> ...2 KB (284 words) - 12:41, 4 May 2006
- ...Policy''']] defines objectives for establishing specific standards on the assessment and ongoing management of vulnerabilities.<br> ...le Vulnerability Assessment and Management Policy:|'''Sample Vulnerability Assessment and Management Policy''']], and provides specific instructions and requirem ...9 KB (1,122 words) - 14:12, 1 May 2010
- '''Risk Association Control Activities:''' ::'''1. Risk: Insufficient configuration controls can lead to security and availability ...3 KB (429 words) - 18:55, 25 June 2006
- * Periodic assessments of risk, including the magnitude of harm that could result from the unauthorized ac * Policies and procedures that are based on risk assessments, cost-effectively reduce information security risks to an accep ...9 KB (1,252 words) - 19:19, 19 April 2010
- * Specifications based on a thorough risk assessment, that considers appropriate algorithm selections, key management and other ...ntrol the installation of software on operational systems, to minimize the risk of interruptions in or corruption of information services.<br> ...9 KB (1,170 words) - 14:05, 22 May 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Controls provide reasonable assurance that the systems are appropriately t ...10 KB (1,393 words) - 14:28, 23 June 2006
- ...ly used where the impact of a change could have severe [[Risk_management | risk]] and or financial consequence. Typical examples from the computer and comp ...'''IMPACT ASSESSMENT'''. The IMPACT ASSESSOR or ASSESSORS then make their risk analysis and make a judgment on who should carry out the Change, typically ...3 KB (533 words) - 14:15, 23 April 2010
- Optimize the investment, use and allocation of IT assets through regular assessment, making sure that IT has sufficient, competent and capable resources to exe '''Risk Association Control Activities:'''<br> ...2 KB (329 words) - 13:34, 4 May 2006
- ...ess needs, patch management and upgrade strategies, risks, vulnerabilities assessment and security requirements.<br> '''Risk Association Control Activities:'''<br> ...6 KB (819 words) - 13:54, 23 June 2006
- '''Risk Association Control Activities:'''<br> ...s and security staff, and specialist skills in areas such as insurance and risk management.<br> ...3 KB (470 words) - 13:39, 6 March 2007
- Translate business information requirements, IT configuration, information risk action plans and information security culture into an overall IT security p '''Risk Association Control Activities:''' ...10 KB (1,333 words) - 17:44, 25 June 2006
- # [[IT risk management#Risk assessment|Risk assessment]] ...ering this area such as [[ISO/IEC 27005]]. The use of information security risk analysis to drive the selection and implementation of information security ...8 KB (1,111 words) - 10:30, 15 April 2012
- ...critical activities by the end of the business day could present systemic risk. The agencies believe that many, if not most, of the 15-20 major banks and :* Risk assessment ...5 KB (705 words) - 13:42, 30 May 2007