Search results
Jump to navigation
Jump to search
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Business needs may not be met or adequate data safeguards may not be imple ...5 KB (699 words) - 19:59, 25 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Users may have inappropriate access to the application system.'''<br> ...2 KB (330 words) - 18:17, 1 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: In-House and or Package applications may not meet all business and applica ...6 KB (878 words) - 13:34, 23 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security and business continuity risks are introduced by technical designs ...2 KB (323 words) - 15:09, 3 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security incidents and incompliance with information security procedures m ...2 KB (340 words) - 17:40, 5 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Controls provide reasonable assurance that the systems are appropriately t ...6 KB (819 words) - 13:54, 23 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: The transfer of programs into the live environment is not appropriately co ...2 KB (346 words) - 20:00, 23 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: IT function does not meet the organizational needs.'''<br> ...2 KB (338 words) - 19:03, 17 April 2007
- ...r handling and correction, and formal approval. Based on assessment of the risk of system failure and errors on implementation, the plan should include req '''Risk Association Control Activities:'''<br> ...2 KB (322 words) - 17:43, 3 May 2006
- '''Risk Association Control Activities:'''<br> ...product. Where additional functionality is supplied and causes a security risk, this should be disabled or the proposed control structure should be review ...5 KB (649 words) - 18:23, 5 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: nformation security and business requirements may be compromised. Inaccura ...4 KB (506 words) - 20:00, 25 June 2006
- ...Motion In Limine: An Effective Procedural Device With No Material Downside Risk, 16 New Eng LR 171 (1981); Graham, Evidence and Trial Advocacy Workshop: Ru ...740 bytes (110 words) - 12:25, 28 February 2009
- ...xecutives, business units, individual users, suppliers, security officers, risk managers, the corporate compliance group, outsourcers and offsite managemen '''Risk Association Control Activities:'''<br> ...2 KB (342 words) - 18:20, 1 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: A project that does not meet business requirements for internal controls a ...3 KB (367 words) - 16:28, 21 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Financial systems fail due to a lack of operational procedures being execu ...2 KB (351 words) - 17:03, 21 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Business requirements are not met or inadequately tested. Systems produce ...3 KB (365 words) - 19:02, 17 April 2007
- :* Insurance cannot adequately cover the reputation and compliance risk related to customer relationships and privacy. :* Third-party risk from companies responsible for security of financial institution systems or ...3 KB (469 words) - 13:30, 10 April 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Terminated entities create unacceptable control risks to the Company.'''<b ...3 KB (366 words) - 16:39, 26 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Controls provide reasonable assurance that the systems are appropriately t ...10 KB (1,393 words) - 14:28, 23 June 2006
- * Risk and compliance with regulations.<br> '''Risk Association Control Activities:'''<br> ...3 KB (362 words) - 12:33, 4 May 2006
- '''Risk Association Control Activities:''' ::'''1. Risk: Insufficient configuration controls can lead to security and availability ...4 KB (506 words) - 18:44, 25 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security incidents and incompliance with information security procedures m ...2 KB (351 words) - 13:57, 4 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: IT function does not meet the organizational needs.'''<br> ...3 KB (356 words) - 17:11, 1 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Business requirements are not met or inadequately tested. Systems produce ...4 KB (501 words) - 18:24, 25 June 2006
- ==Areas of risk== ...4 KB (588 words) - 17:23, 26 March 2007
- ...y-generated processes; [[It-governance | governance]], [[Risk_management | risk]], and [[compliance]] activities; management reviews, and Microsoft Solutio ...tegrated approach to IT service management activities through the use of [[risk management]], [[Change_control | change management]], and controls. It also ...3 KB (461 words) - 14:19, 23 April 2010
- '''Risk Association Control Activities:''' ::'''1. Risk: Controls provide reasonable assurance that policies and procedures that de ...4 KB (537 words) - 13:57, 23 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Business requirements are not met or inadequately tested. Systems produce ...4 KB (530 words) - 11:58, 23 June 2006
- '''Risk Association Control Activities:'''<br> ...product. Where additional functionality is supplied and causes a security risk, this should be disabled or the proposed control structure should be review ...5 KB (730 words) - 19:05, 17 April 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: IT function does not meet the organizational needs.'''<br> ...3 KB (397 words) - 13:28, 4 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Information security and business requirements may be compromised. Inaccur ...6 KB (804 words) - 12:14, 23 June 2006
- ...upport the institution’s technology needs, the ultimate responsibility and risk rests with the institution. Financial institutions are required under the 5 ...at they are maintaining those controls when indicated by the institution’s risk assessment ...6 KB (829 words) - 19:14, 17 April 2007
- [[PO4.8:| 4.8 Responsibility for Risk, Security and Compliance]]<br> [[PO6.2:| 6.2 Enterprise IT Risk and Internal Control Framework]]<br> ...4 KB (517 words) - 19:07, 14 June 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: In-House and or Package applications may not meet all business and applica ...3 KB (390 words) - 12:10, 23 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Information security and business requirements may be compromised. Inaccur ...6 KB (863 words) - 13:12, 23 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: IT function does not meet the organizational needs.'''<br> ...3 KB (393 words) - 17:18, 1 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: The transfer of programs into the live environment may not be appropriatel ...3 KB (377 words) - 14:55, 1 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security and business continuity risks are introduced by technical designs ...4 KB (538 words) - 13:16, 23 June 2006
- ...including financial worth, the risk of not delivering a capability and the risk of not realizing the expected benefits.<br> ==Risk Association Control Activities:== ...6 KB (847 words) - 17:21, 25 April 2007
- ...ore broadly-focused of these two fields, IA consists more of the strategic risk management of information systems rather than the creation and application ...of the threats' impact and the probability of their occurring is the total risk to the information asset. ...7 KB (983 words) - 10:41, 15 April 2012
- ...critical activities by the end of the business day could present systemic risk. The agencies believe that many, if not most, of the 15-20 major banks and :* Risk assessment ...5 KB (705 words) - 13:42, 30 May 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Controls provide reasonable assurance that policies and procedures that de ...3 KB (432 words) - 12:23, 23 June 2006
- ==Transaction or Operations Risk== ...risk exists in each product and service offered. The level of transaction risk is affected by the structure of the institution’s processing environment, i ...11 KB (1,523 words) - 10:04, 28 April 2007
- '''Risk Association Control Activities:''' ::'''1. Risk: Insufficient configuration controls can lead to security and availability ...3 KB (429 words) - 18:55, 25 June 2006
- ...egrity, confidentiality, and accountability, with a different appetite for risk on the part of management. ...trategies should consider the different risk environment and the degree of risk mitigation necessary to protect the institution in the event the continuity ...9 KB (1,274 words) - 00:17, 1 June 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security incidents and incompliance with information security procedures m ...3 KB (451 words) - 17:52, 5 May 2006
- ::'''4. Risk: Poorly serviced systems do not deliver as required and financial informati ::'''4. Risk: Poorly serviced systems do not deliver as required and financial informati ...4 KB (520 words) - 15:27, 25 June 2006
- ...tion seeks to control its business risk rather than the client's portfolio risk. [[Category:Risk]] ...4 KB (607 words) - 18:29, 16 February 2007
- '''Risk Association Control Activities:''' ::'''1. Risk: Users may have inappropriate access to the application system.'''<br> ...5 KB (666 words) - 15:23, 25 June 2006
- *4: [[Risk management|Risk assessment and treatment]] - analysis of the organization's information sec ...iate to its particular circumstances. (The introduction section outlines a risk assessment process although there are more specific standards covering this ...6 KB (847 words) - 16:57, 26 March 2007
- ...ted as much information about the case as possible. This will minimize the risk that the client will become uncooperative and resentful of the attorney bef ...1 KB (227 words) - 13:31, 22 February 2009
- '''Risk Association Control Activities:'''<br> ...1 KB (146 words) - 17:19, 7 June 2006
- ...ask the client what he or she thinks is the most rational decision. If the risk is great, and the punishment that can be bargained for is light, the client ...3 KB (603 words) - 17:57, 22 February 2009
- '''(1)''' provides information security protections commensurate with the risk and magnitude of the harm resulting from the unauthorized access, use, disc ...709 bytes (103 words) - 10:41, 2 June 2010
- '''(1)''' provides information security protections commensurate with the risk and magnitude of the harm resulting from the unauthorized access, use, disc ...709 bytes (103 words) - 21:02, 3 June 2010
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Controls provide reasonable assurance that the systems are appropriately t ...3 KB (475 words) - 13:09, 23 June 2006
- * Specifications based on a thorough risk assessment, that considers appropriate algorithm selections, key management ...ntrol the installation of software on operational systems, to minimize the risk of interruptions in or corruption of information services.<br> ...9 KB (1,170 words) - 14:05, 22 May 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Third party processors create unacceptable control risks to the Company.'' ...6 KB (846 words) - 13:52, 4 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Incidents or problems affecting financial processes are not identified res ...8 KB (1,177 words) - 19:00, 25 June 2006
- ...ny information security vulnerability in such system commensurate with the risk and in accordance with all applicable laws.<br> ...fect information security. Such protections shall be commensurate with the risk and comply with all applicable laws and regulations.<br> ...4 KB (634 words) - 13:00, 4 June 2010
- '''Risk Association Control Activities:'''<br> ...s and security staff, and specialist skills in areas such as insurance and risk management.<br> ...3 KB (470 words) - 13:39, 6 March 2007
- [[ME4.5:| 4.5 Risk Management]]<br> ...2 KB (195 words) - 19:06, 14 June 2007
- ...dards) that are needed to create, implement, and maintain a best practice, risk management-based information security program.<br> ...dards) that are needed to create, implement, and maintain a best practice, risk management-based Information Security Program.<br> ...5 KB (705 words) - 11:39, 30 May 2015
- ::'''6. Risk: Lost data could significantly impact financial reporting.''' ...2 KB (268 words) - 19:59, 25 June 2006
- '''1. Risk: Insufficient controls over processing accuracy by a third-party service pr ...2 KB (285 words) - 18:35, 14 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security incidents and incompliance with information security procedures m ...4 KB (548 words) - 14:21, 4 May 2006
- ::'''1. Risk: Business requirements are not met or third parties have inappropriate acce ...2 KB (297 words) - 14:38, 13 June 2006
- ::'''1. Risk: Business requirements are not met or third parties have inappropriate acce ...2 KB (297 words) - 18:29, 13 June 2006
- ::'''11. Risk: Insufficient control over authorization, authentication, nonrepudiation, d ...2 KB (287 words) - 18:08, 25 June 2006
- ...ny information security vulnerability in such system commensurate with the risk and in accordance with all applicable laws.<br> ...fect information security. Such protections shall be commensurate with the risk and comply with all applicable laws and regulations.<br> ...4 KB (682 words) - 19:17, 3 June 2010
- ::'''4. Risk: Lost data could significantly impact financial reporting.''' ...2 KB (280 words) - 19:58, 25 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Development and maintenance of system with potential impact to financial r ...7 KB (975 words) - 16:57, 9 April 2007
- ::'''1. Risk: Incidents or problems affecting financial processes are not identified res ...2 KB (279 words) - 19:02, 25 June 2006
- ::'''4. Risk: Problems and/or incidents are not properly responded to, recorded, resolve ...2 KB (277 words) - 19:21, 25 June 2006
- ::'''2. Risk: Lost data could significantly impact financial reporting.''' ...2 KB (274 words) - 19:44, 25 June 2006
- ::'''1. Risk: Insufficient configuration controls can lead to security and availability ...2 KB (288 words) - 18:53, 25 June 2006
- ::'''7. Risk: Insufficient control over authorization, authentication, nonrepudiation, d ...2 KB (292 words) - 17:47, 25 June 2006
- '''Risk Association Control Activities:'''<br> '''Risk Association Control Activities:'''<br> ...4 KB (544 words) - 17:11, 5 May 2006
- ::'''4. Risk: Insufficient control over authorization, authentication, nonrepudiation, d ...2 KB (289 words) - 17:19, 25 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Ongoing operations, problem resolution, an future application maintenance ...6 KB (781 words) - 12:31, 23 June 2006
- ::'''1. Risk: Business requirements are not met or third parties have inappropriate acce ...2 KB (294 words) - 18:21, 14 June 2006
- Data security theory seeks to establish uniform risk-based requirements for the protection of data elements. To ensure that the ...extent of risk mitigation, and not the procedure or tool used to mitigate risk. ...9 KB (1,246 words) - 18:20, 10 April 2007
- '''Risk Association Control Activities:'''<br> ...2 KB (235 words) - 17:48, 5 May 2006
- ::'''5. Risk: Lost data could significantly impact financial reporting.''' ...2 KB (304 words) - 19:56, 25 June 2006
- ...ontrols is low, or as many as 76 program change documents, if the level of risk initially identified from the responses to the questionnaire was determined ...ed based upon the level of inherent risk and the intended level of control risk applied against the compliance sample size table contained in Part 3 of the ...8 KB (1,155 words) - 20:14, 25 June 2006
- ::'''2. Risk: Insufficient configuration controls can lead to security and availability ...2 KB (314 words) - 18:27, 25 June 2006
- ...lly and updated as needed to reflect changes to business objectives or the risk environment. ...2 KB (296 words) - 14:47, 2 March 2007
- ::'''3. Risk: lapses in the continuity of application systems may prevent an organizatio ...2 KB (301 words) - 20:18, 25 June 2006
- ::'''2. Risk: Third party service providers are not qualified, and are incapable of deli ...2 KB (302 words) - 15:57, 25 June 2006
- ::'''2. Risk: Lapses in the continuity of application systems may prevent an organizatio ...2 KB (301 words) - 20:16, 25 June 2006
- * Periodic assessments of risk, including the magnitude of harm that could result from the unauthorized ac * Policies and procedures that are based on risk assessments, cost-effectively reduce information security risks to an accep ...9 KB (1,252 words) - 19:19, 19 April 2010
- ::'''1. Risk: Insufficient controls over processing accuracy by a third-party service pr ...2 KB (302 words) - 18:12, 14 June 2006
- ...pproved, cost effective, business enhancing changes (fixes) - with minimum risk to IT infrastructure. The goal of Change Management is to ensure that stand ...raising and recording of changes, assessing the impact, cost, benefit and risk of proposed changes, developing business justification and obtaining approv ...4 KB (588 words) - 16:23, 21 March 2007
- '''Risk Association Control Activities:'''<br> ...2 KB (233 words) - 13:37, 4 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (243 words) - 14:06, 5 May 2006
- ::'''3. Risk: Problems and/or incidents are not properly responded to, recorded, resolve ...2 KB (297 words) - 19:19, 25 June 2006
- ...licies and standards) that are needed to create, implement, and maintain a risk management-based Information Security Program that complies with SOX Sectio ...1 KB (204 words) - 13:03, 14 July 2006
- ::'''5. Risk: Unapproved application changes negatively impact business processing or ma ...2 KB (305 words) - 14:32, 23 June 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (240 words) - 19:34, 4 May 2006
- '''Risk Association Control Activities:'''<br> ...level of logging required for individual systems should be determined by a risk assessment, taking performance degradation into account.<br> ...4 KB (586 words) - 01:37, 1 May 2006