Search results
Jump to navigation
Jump to search
Page title matches
- ...risk management method is in the context of project management, security, risk analysis, industrial processes, financial portfolios, actuarial assessments ...of the risk, and accepting some or all of the consequences of a particular risk. ...27 KB (4,185 words) - 23:45, 10 March 2010
- ==Risk Mitigation== ...esholds and parameters. While not a control, insurance can be an effective risk mitigation tool. Management should balance controls against business operat ...655 bytes (85 words) - 19:15, 17 April 2007
- ==Risk Analysis== Risk analysis is a technique to identify and assess factors that may jeopardize ...1 KB (215 words) - 18:32, 13 April 2007
- ...ess. Risk assessment is [[measurement|measuring]] two quantities of the [[risk]] ''R'', the magnitude of the potential loss ''L'', and the probability ''p :[[image:risk.jpg|thumb|400px|Risk]] ...10 KB (1,633 words) - 16:03, 22 December 2007
- ==IT Risk Management Process== ...ent process. Therefore, the ability to mitigate IT risks is dependent upon risk assessments. Senior management should identify, measure, control, and monit ...4 KB (528 words) - 16:58, 28 March 2010
- 193 bytes (24 words) - 10:57, 16 March 2010
- ==Risk Management== ...cepting some or all of the consequences of a particular risk. Traditional risk management focuses on risks stemming from physical or legal causes (e.g. na ...43 KB (6,368 words) - 11:22, 4 July 2015
- [[File:Risk-Calculator-Flowchart-Generic-MDP-2013122401.jpg]] ...3 KB (411 words) - 12:27, 16 October 2014
- 2 KB (382 words) - 20:24, 27 February 2008
- ...anized, systematic approach, you can approach risk management effectively. Risk simply put is the negative impact to business assets by the exercise of vul ...am for a commercial enterprise, the processes of calculating the cost of a risk exposure and what the appropriate costs of mitigating those risks should be ...23 KB (3,630 words) - 10:19, 27 October 2012
- '''Sustainable Risk Reduction Through Information Security Process Awareness Test Template.'''< ...by <Your Company Name> to gauge and promote end-user awareness of managing risk with the use of security processes.<br> ...2 KB (305 words) - 17:31, 3 August 2006
- '''Sustainable Risk Reduction Through Information Security Process Awareness Test Template.'''< ...by <Your Company Name> to gauge and promote end-user awareness of managing risk with the use of security processes.<br> ...2 KB (309 words) - 17:34, 3 August 2006
Page text matches
- ==Risk Analysis== Risk analysis is a technique to identify and assess factors that may jeopardize ...1 KB (215 words) - 18:32, 13 April 2007
- ==Risk Mitigation== ...esholds and parameters. While not a control, insurance can be an effective risk mitigation tool. Management should balance controls against business operat ...655 bytes (85 words) - 19:15, 17 April 2007
- '''ME 4.5 Risk Management'''<br> ...sight, and their actual and potential business impact. The enterprise’s IT risk position should be transparent to all stakeholders.<br> ...2 KB (334 words) - 13:36, 4 May 2006
- ...nt]], [[Contingency Plan Testing]], and [[Risk_Assessment_and_Treatment: | Risk Management]]. ...464 bytes (58 words) - 13:24, 30 April 2007
- '''1. Risk: Unauthorized access attempts go unnoticed.'''<br> '''2. Risk: Unauthorized execution of privileged system commands may disrupt business ...6 KB (766 words) - 13:42, 23 June 2006
- '''Sustainable Risk Reduction Through Information Security Process Awareness Test Template.'''< ...by <Your Company Name> to gauge and promote end-user awareness of managing risk with the use of security processes.<br> ...2 KB (305 words) - 17:31, 3 August 2006
- '''Sustainable Risk Reduction Through Information Security Process Awareness Test Template.'''< ...by <Your Company Name> to gauge and promote end-user awareness of managing risk with the use of security processes.<br> ...2 KB (309 words) - 17:34, 3 August 2006
- '''PO 9.1 IT and Business Risk Management Alignment'''<br> ...amework. This includes alignment with the organization’s risk appetite and risk tolerance level.<br> ...3 KB (377 words) - 14:10, 8 August 2006
- '''1. Risk: Unauthorized users might exploit unauthorized access to critical business '''2. Risk: Unnecessary disruptions to business processes or data corruption may occur ...6 KB (729 words) - 13:40, 23 June 2006
- '''1 Risk: Unauthorized access attempts go unnoticed.'''<br> '''2. Risk: Unauthorized execution of privileged system commands may disrupt business ...6 KB (821 words) - 18:11, 28 August 2006
- '''1. Risk: Unauthorized access attempts go unnoticed.'''<br> '''2. Risk: Unauthorized execution of privileged system commands may disrupt business ...6 KB (779 words) - 13:45, 23 June 2006
- '''1. Risk: Unauthorized access attempts go unnoticed.'''<br> '''2. Risk: Unauthorized execution of privileged system commands may disrupt business ...6 KB (816 words) - 13:41, 23 June 2006
- ...tion Through Information Security Process Testing Template:|'''Sustainable Risk Reduction Through Information Security Process Testing Template''']]<br> ...questions can be used to gauge and promote end-user awareness of managing risk with the use of security processes.<br> ...2 KB (289 words) - 16:08, 3 August 2006
- '''PO 9.2 Establishment of Risk Context'''<br> ...comes. This includes determining the internal and external context of each risk assessment, the goal of the assessment and the criteria against which risks ...2 KB (317 words) - 20:10, 1 May 2006
- '''1. Risk: Unauthorized access attempts go unnoticed.'''<br> '''2. Risk: Unauthorized execution of privileged system commands may disrupt business ...7 KB (901 words) - 13:44, 23 June 2006
- '''1 Risk: Unauthorized access attempts go unnoticed.'''<br> '''2. Risk: Unauthorized execution of privileged system commands may disrupt business ...7 KB (895 words) - 13:44, 23 June 2006
- '''1. Risk: Unauthorized access attempts go unnoticed.'''<br> '''2. Risk: Unauthorized execution of privileged system commands may disrupt business ...7 KB (901 words) - 13:43, 23 June 2006
- ...selection and design of the layout of a site should take into account the risk associated with natural and man-made disasters, while considering relevant '''Risk Association Control Activities:'''<br> ...2 KB (350 words) - 18:15, 5 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Job schedules can be easily ignored or circumvented, resulting in processi ...3 KB (467 words) - 18:39, 5 May 2006
- ==IT Risk Management Process== ...ent process. Therefore, the ability to mitigate IT risks is dependent upon risk assessments. Senior management should identify, measure, control, and monit ...4 KB (528 words) - 16:58, 28 March 2010
- '''Risk Association Control Activities:''' ...ot meet business, compliance and regulatory needs of the business inducing risk.'''<br> ...3 KB (408 words) - 16:10, 25 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Computer equipment may be compromised by accidental damage.''' ...2 KB (267 words) - 18:29, 5 May 2006
- '''Risk Association Control Activities:'''<br> ...ot meet business, compliance and regulatory needs of the business inducing risk.'''<br> ...4 KB (517 words) - 18:12, 21 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Computer equipment may be compromised by accidental damage.''' ...2 KB (268 words) - 15:01, 8 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Development and maintenance of system with potential impact to financial r ...4 KB (583 words) - 12:06, 23 June 2006
- ==Risk Association Control Activities:== ...ot meet business, compliance and regulatory needs of the business inducing risk.'''<br> ...3 KB (366 words) - 18:00, 25 April 2007
- ...a classification, the organization’s information security architecture and risk profile. Issues to consider include access rights and privilege management, '''Risk Association Control Activities:'''<br> ...3 KB (374 words) - 15:05, 3 May 2006
- '''PO 9.4 Risk Assessment'''<br> ...e methods. The likelihood and impact associated with inherent and residual risk should be determined individually, by category and on a portfolio basis.<br ...2 KB (304 words) - 20:21, 1 May 2006
- ==AI 1.2 Risk Analysis Report== ==Risk Association Control Activities:== ...2 KB (269 words) - 23:52, 14 June 2007
- '''PO 9.5 Risk Response'''<br> ...fits and select responses that constrain residual risks within the defined risk tolerance levels.<br> ...5 KB (738 words) - 20:24, 1 May 2006
- '''PO 4.8 Responsibility for Risk, Security and Compliance'''<br> ...ity issues. Obtain direction from senior management on the appetite for IT risk and approval of any residual IT risks.<br> ...3 KB (370 words) - 18:04, 1 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Controls provide reasonable assurance that policies and procedures that de ...3 KB (471 words) - 12:32, 23 June 2006
- '''PO 9.6 Maintenance and Monitoring of a Risk Action Plan'''<br> Prioritize and plan the control activities at all levels to implement the risk responses identified as necessary, including identification of costs, benef ...2 KB (325 words) - 01:16, 2 May 2006
- '''PO 10.9 Project Risk Management'''<br> '''Risk Association Control Activities:'''<br> ...3 KB (403 words) - 12:37, 23 June 2006
- ==Risk Association Control Activities:== ::'''1. Risk: Conflicting access credential may violate confidentiality, [[Privacy | pri ...3 KB (362 words) - 23:55, 14 June 2007
- ==Risk Association Control Activities:== ::'''1. Risk: Operational failures may not be identified and resolved in an appropriate, ...2 KB (297 words) - 18:35, 25 April 2007
- ...requirements regarding delivery of value from IT investments, appetite for risk, integrity, ethical values, staff competence, accountability and responsibi '''Risk Association Control Activities:'''<br> ...4 KB (580 words) - 18:00, 23 June 2006
- ...ot meet business, compliance and regulatory needs of the business inducing risk.'''<br> ...2 KB (295 words) - 15:33, 25 June 2006
- ::'''1. Risk: The transfer of programs into the live environment is not appropriately co 1. Determine that a risk assessment of the potential impact of changes to system software is perform ...2 KB (303 words) - 19:58, 23 June 2006
- ...tion processing. Without an adequate infrastructure, there is an increased risk that financial reporting applications will not be able to pass data between '''Risk Association Control Activities:'''<br> ...4 KB (496 words) - 17:26, 21 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: The transfer of programs into the live environment may not be appropriatel ...3 KB (432 words) - 13:02, 23 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security and business continuity risks are introduced by technical designs ...3 KB (436 words) - 14:30, 4 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security and business continuity risks are introduced by technical designs ...3 KB (442 words) - 13:59, 23 June 2006
- ...ot meet business, compliance and regulatory needs of the business inducing risk.'''<br> ...2 KB (291 words) - 16:02, 25 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Controls provide reasonable assurance that policies and procedures that de ...5 KB (700 words) - 18:07, 23 June 2006
- ...process that identifies threats, vulnerabilities, and results in a formal risk assessment. ...2 KB (294 words) - 14:46, 2 March 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Development and maintenance of system with potential impact to financial r ...4 KB (524 words) - 15:03, 25 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Information security and business requirements may be compromised. Inaccur ...3 KB (460 words) - 16:08, 21 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Controls provide reasonable assurance that the systems are appropriately t ...3 KB (396 words) - 14:02, 23 June 2006
- ...nce against key project criteria (e.g., scope, schedule, quality, cost and risk); identify any deviations from plan; assess their impact on the project and '''Risk Association Control Activities:'''<br> ...3 KB (368 words) - 02:03, 2 May 2006
- '''Risk Association Control Activities:'''<br> ...ot meet business, compliance and regulatory needs of the business inducing risk.'''<br> ...3 KB (459 words) - 17:56, 21 June 2006
- ...ess. Risk assessment is [[measurement|measuring]] two quantities of the [[risk]] ''R'', the magnitude of the potential loss ''L'', and the probability ''p :[[image:risk.jpg|thumb|400px|Risk]] ...10 KB (1,633 words) - 16:03, 22 December 2007
- ==Risk Association Control Activities:== ...2 KB (272 words) - 18:05, 25 April 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Financial systems fail due to a lack of operational procedures being execu ...4 KB (550 words) - 14:34, 1 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security and business continuity risks are introduced by technical designs ...3 KB (394 words) - 17:12, 22 March 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Conflicting access credential may violate confidentiality, privacy, or pos ...3 KB (382 words) - 18:02, 3 May 2006
- ==Risk Association Control Activities:== ...2 KB (270 words) - 18:10, 25 April 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Business requirements are not met or inadequately tested. Systems produce ...3 KB (394 words) - 11:59, 23 June 2006
- ==Risk Association Control Activities:== ...2 KB (278 words) - 18:21, 25 April 2007
- ...capacity forecasting of IT resources at regular intervals to minimize the risk of service disruptions due to insufficient capacity or performance degradat '''Risk Association Control Activities:'''<br> ...3 KB (490 words) - 13:42, 4 May 2006
- ...iness Security Evaluation - Comprehensive information security control and risk assessment guidance for the enterprise demystified. This presentation was o ...s covers security and business risks, anatomy of an attack, and a security risk discussion exercise.<br> ...5 KB (653 words) - 12:45, 25 April 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security and business continuity risks are introduced by technical designs ...3 KB (497 words) - 14:57, 23 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Lost data could significantly impact financial reporting.''' ...5 KB (721 words) - 11:49, 28 March 2008
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Operational failures may not be identified and resolved in an appropriate, ...2 KB (275 words) - 18:47, 5 May 2006
- ==Risk Association Control Activities:== ...2 KB (303 words) - 18:16, 25 April 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security incidents and incompliance with information security procedures m ...4 KB (601 words) - 15:01, 8 August 2006
- Translate business information requirements, IT configuration, information risk action plans and information security culture into an overall IT security p '''Risk Association Control Activities:''' ...10 KB (1,333 words) - 17:44, 25 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Controls provide reasonable assurance that the systems are appropriately t ...3 KB (436 words) - 12:51, 23 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Systems do not meet business needs because not all business functional and ...4 KB (510 words) - 13:54, 1 May 2006
- * Assignment of responsibility for remediation (can include risk acceptance).<br> '''Risk Association Control Activities:'''<br> ...2 KB (286 words) - 13:05, 4 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Mission critical data is not available to restart applications due to syst ...2 KB (294 words) - 14:52, 4 May 2006
- ...dures in this booklet assist examiners in evaluating financial institution risk management processes to ensure effective information technology (IT) manage ...s an essential component of effective corporate governance and operational risk management.<br> ...5 KB (645 words) - 18:03, 27 April 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Design and implementation of new applications may not be appropriately con ...3 KB (424 words) - 17:01, 21 June 2006
- ==Risk Association Control Activities:== ...2 KB (290 words) - 17:49, 25 April 2007
- ::'''1. Risk: Without an adequate infrastructure, there is an increased risk that financial reporting applications will not be able to pass data between ...3 KB (364 words) - 17:41, 21 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Financial systems fail due to a lack of operational procedures being execu ...3 KB (427 words) - 17:58, 1 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Controls provide reasonable assurance that the systems are appropriately t ...3 KB (428 words) - 14:05, 23 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Production processes and associated controls operate as intended and suppo ...3 KB (421 words) - 18:02, 23 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: The impact of application system changes (e.g., hardware and software) sho ...3 KB (425 words) - 13:19, 23 June 2006
- [[Risk Assessment and Treatment:|'''Risk Assessment and Treatment''']]<br> ==COSO Enterprise Risk Management Framework Domains:== ...3 KB (378 words) - 21:27, 18 January 2015
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Production processes and associated controls operate as intended and suppo ...3 KB (420 words) - 14:06, 8 August 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Users may have inappropriate access to the application system.'''<br> ...2 KB (307 words) - 15:06, 3 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security incidents and incompliance with information security procedures m ...2 KB (303 words) - 17:36, 5 May 2006
- '''Risk Association Control Activities:'''<br> ...ot meet business, compliance and regulatory needs of the business inducing risk.'''<br> ...6 KB (870 words) - 18:08, 21 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Employees, including individuals with special security responsibilities (s ...3 KB (442 words) - 18:58, 1 May 2006
- '''Risk Association Control Activities:'''<br> ::*PCI.12.7: Screen potential employees to minimize the risk of attacks from internal sources. ...2 KB (312 words) - 18:19, 3 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Third party processors create unacceptable control risks to the Company.'' ...2 KB (321 words) - 15:35, 25 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Business requirements are not met or inadequately tested. Systems produce ...4 KB (594 words) - 19:50, 25 June 2006
- '''Risk Association Control Activities:''' ::'''1. Risk: Lapses in the continuity of application systems may prevent an organizatio ...4 KB (522 words) - 20:12, 25 June 2006
- ==Risk Association Control Activities:== ::'''1. Risk: Segregation of duties may be compromised and unauthorized activity may occ ...4 KB (591 words) - 19:45, 14 June 2007
- '''Risk Association Control Activities:'''<br> ...ot meet business, compliance and regulatory needs of the business inducing risk.'''<br> ...5 KB (674 words) - 18:14, 21 June 2006
- '''DS 2.3 Supplier Risk Management'''<br> ...l business standards in accordance with legal and regulatory requirements. Risk management should further consider non-disclosure agreements (NDA), escrow ...7 KB (958 words) - 16:01, 25 June 2006
- ...ot meet business, compliance and regulatory needs of the business inducing risk.'''<br> ...3 KB (385 words) - 16:14, 25 June 2006
- '''1. Risk: Controls provide reasonable assurance that the systems are appropriately t ...709 bytes (91 words) - 13:46, 23 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Systems do not meet business needs because not all business functional and ...3 KB (446 words) - 16:36, 1 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: IT function does not meet the organizational needs. ''' ...3 KB (456 words) - 17:15, 15 February 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security incidents and incompliance with information security procedures m ...2 KB (327 words) - 13:18, 4 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: New program developments and/or changes may be made that are unnecessary o ...2 KB (338 words) - 13:45, 6 March 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Operational failures may not be identified and resolved in an appropriate, ...2 KB (324 words) - 14:50, 4 May 2006
- '''PO 6.2 Enterprise IT Risk and Internal Control Framework'''<br> '''Risk Association Control Activities:'''<br> ...2 KB (331 words) - 18:47, 1 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Business needs may not be met or adequate data safeguards may not be imple ...5 KB (699 words) - 19:59, 25 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Users may have inappropriate access to the application system.'''<br> ...2 KB (330 words) - 18:17, 1 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: In-House and or Package applications may not meet all business and applica ...6 KB (878 words) - 13:34, 23 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security and business continuity risks are introduced by technical designs ...2 KB (323 words) - 15:09, 3 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security incidents and incompliance with information security procedures m ...2 KB (340 words) - 17:40, 5 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Controls provide reasonable assurance that the systems are appropriately t ...6 KB (819 words) - 13:54, 23 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: The transfer of programs into the live environment is not appropriately co ...2 KB (346 words) - 20:00, 23 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: IT function does not meet the organizational needs.'''<br> ...2 KB (338 words) - 19:03, 17 April 2007
- ...r handling and correction, and formal approval. Based on assessment of the risk of system failure and errors on implementation, the plan should include req '''Risk Association Control Activities:'''<br> ...2 KB (322 words) - 17:43, 3 May 2006
- '''Risk Association Control Activities:'''<br> ...product. Where additional functionality is supplied and causes a security risk, this should be disabled or the proposed control structure should be review ...5 KB (649 words) - 18:23, 5 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: nformation security and business requirements may be compromised. Inaccura ...4 KB (506 words) - 20:00, 25 June 2006
- ...Motion In Limine: An Effective Procedural Device With No Material Downside Risk, 16 New Eng LR 171 (1981); Graham, Evidence and Trial Advocacy Workshop: Ru ...740 bytes (110 words) - 12:25, 28 February 2009
- ...xecutives, business units, individual users, suppliers, security officers, risk managers, the corporate compliance group, outsourcers and offsite managemen '''Risk Association Control Activities:'''<br> ...2 KB (342 words) - 18:20, 1 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: A project that does not meet business requirements for internal controls a ...3 KB (367 words) - 16:28, 21 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Financial systems fail due to a lack of operational procedures being execu ...2 KB (351 words) - 17:03, 21 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Business requirements are not met or inadequately tested. Systems produce ...3 KB (365 words) - 19:02, 17 April 2007
- :* Insurance cannot adequately cover the reputation and compliance risk related to customer relationships and privacy. :* Third-party risk from companies responsible for security of financial institution systems or ...3 KB (469 words) - 13:30, 10 April 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Terminated entities create unacceptable control risks to the Company.'''<b ...3 KB (366 words) - 16:39, 26 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Controls provide reasonable assurance that the systems are appropriately t ...10 KB (1,393 words) - 14:28, 23 June 2006
- * Risk and compliance with regulations.<br> '''Risk Association Control Activities:'''<br> ...3 KB (362 words) - 12:33, 4 May 2006
- '''Risk Association Control Activities:''' ::'''1. Risk: Insufficient configuration controls can lead to security and availability ...4 KB (506 words) - 18:44, 25 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security incidents and incompliance with information security procedures m ...2 KB (351 words) - 13:57, 4 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: IT function does not meet the organizational needs.'''<br> ...3 KB (356 words) - 17:11, 1 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Business requirements are not met or inadequately tested. Systems produce ...4 KB (501 words) - 18:24, 25 June 2006
- ==Areas of risk== ...4 KB (588 words) - 17:23, 26 March 2007
- ...y-generated processes; [[It-governance | governance]], [[Risk_management | risk]], and [[compliance]] activities; management reviews, and Microsoft Solutio ...tegrated approach to IT service management activities through the use of [[risk management]], [[Change_control | change management]], and controls. It also ...3 KB (461 words) - 14:19, 23 April 2010
- '''Risk Association Control Activities:''' ::'''1. Risk: Controls provide reasonable assurance that policies and procedures that de ...4 KB (537 words) - 13:57, 23 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Business requirements are not met or inadequately tested. Systems produce ...4 KB (530 words) - 11:58, 23 June 2006
- '''Risk Association Control Activities:'''<br> ...product. Where additional functionality is supplied and causes a security risk, this should be disabled or the proposed control structure should be review ...5 KB (730 words) - 19:05, 17 April 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: IT function does not meet the organizational needs.'''<br> ...3 KB (397 words) - 13:28, 4 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Information security and business requirements may be compromised. Inaccur ...6 KB (804 words) - 12:14, 23 June 2006
- ...upport the institution’s technology needs, the ultimate responsibility and risk rests with the institution. Financial institutions are required under the 5 ...at they are maintaining those controls when indicated by the institution’s risk assessment ...6 KB (829 words) - 19:14, 17 April 2007
- [[PO4.8:| 4.8 Responsibility for Risk, Security and Compliance]]<br> [[PO6.2:| 6.2 Enterprise IT Risk and Internal Control Framework]]<br> ...4 KB (517 words) - 19:07, 14 June 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: In-House and or Package applications may not meet all business and applica ...3 KB (390 words) - 12:10, 23 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Information security and business requirements may be compromised. Inaccur ...6 KB (863 words) - 13:12, 23 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: IT function does not meet the organizational needs.'''<br> ...3 KB (393 words) - 17:18, 1 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: The transfer of programs into the live environment may not be appropriatel ...3 KB (377 words) - 14:55, 1 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security and business continuity risks are introduced by technical designs ...4 KB (538 words) - 13:16, 23 June 2006
- ...including financial worth, the risk of not delivering a capability and the risk of not realizing the expected benefits.<br> ==Risk Association Control Activities:== ...6 KB (847 words) - 17:21, 25 April 2007
- ...ore broadly-focused of these two fields, IA consists more of the strategic risk management of information systems rather than the creation and application ...of the threats' impact and the probability of their occurring is the total risk to the information asset. ...7 KB (983 words) - 10:41, 15 April 2012
- ...critical activities by the end of the business day could present systemic risk. The agencies believe that many, if not most, of the 15-20 major banks and :* Risk assessment ...5 KB (705 words) - 13:42, 30 May 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Controls provide reasonable assurance that policies and procedures that de ...3 KB (432 words) - 12:23, 23 June 2006
- ==Transaction or Operations Risk== ...risk exists in each product and service offered. The level of transaction risk is affected by the structure of the institution’s processing environment, i ...11 KB (1,523 words) - 10:04, 28 April 2007
- '''Risk Association Control Activities:''' ::'''1. Risk: Insufficient configuration controls can lead to security and availability ...3 KB (429 words) - 18:55, 25 June 2006
- ...egrity, confidentiality, and accountability, with a different appetite for risk on the part of management. ...trategies should consider the different risk environment and the degree of risk mitigation necessary to protect the institution in the event the continuity ...9 KB (1,274 words) - 00:17, 1 June 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security incidents and incompliance with information security procedures m ...3 KB (451 words) - 17:52, 5 May 2006
- ::'''4. Risk: Poorly serviced systems do not deliver as required and financial informati ::'''4. Risk: Poorly serviced systems do not deliver as required and financial informati ...4 KB (520 words) - 15:27, 25 June 2006
- ...tion seeks to control its business risk rather than the client's portfolio risk. [[Category:Risk]] ...4 KB (607 words) - 18:29, 16 February 2007
- '''Risk Association Control Activities:''' ::'''1. Risk: Users may have inappropriate access to the application system.'''<br> ...5 KB (666 words) - 15:23, 25 June 2006
- *4: [[Risk management|Risk assessment and treatment]] - analysis of the organization's information sec ...iate to its particular circumstances. (The introduction section outlines a risk assessment process although there are more specific standards covering this ...6 KB (847 words) - 16:57, 26 March 2007
- ...ted as much information about the case as possible. This will minimize the risk that the client will become uncooperative and resentful of the attorney bef ...1 KB (227 words) - 13:31, 22 February 2009
- '''Risk Association Control Activities:'''<br> ...1 KB (146 words) - 17:19, 7 June 2006
- ...ask the client what he or she thinks is the most rational decision. If the risk is great, and the punishment that can be bargained for is light, the client ...3 KB (603 words) - 17:57, 22 February 2009
- '''(1)''' provides information security protections commensurate with the risk and magnitude of the harm resulting from the unauthorized access, use, disc ...709 bytes (103 words) - 10:41, 2 June 2010
- '''(1)''' provides information security protections commensurate with the risk and magnitude of the harm resulting from the unauthorized access, use, disc ...709 bytes (103 words) - 21:02, 3 June 2010
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Controls provide reasonable assurance that the systems are appropriately t ...3 KB (475 words) - 13:09, 23 June 2006
- * Specifications based on a thorough risk assessment, that considers appropriate algorithm selections, key management ...ntrol the installation of software on operational systems, to minimize the risk of interruptions in or corruption of information services.<br> ...9 KB (1,170 words) - 14:05, 22 May 2007
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Third party processors create unacceptable control risks to the Company.'' ...6 KB (846 words) - 13:52, 4 May 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Incidents or problems affecting financial processes are not identified res ...8 KB (1,177 words) - 19:00, 25 June 2006
- ...ny information security vulnerability in such system commensurate with the risk and in accordance with all applicable laws.<br> ...fect information security. Such protections shall be commensurate with the risk and comply with all applicable laws and regulations.<br> ...4 KB (634 words) - 13:00, 4 June 2010
- '''Risk Association Control Activities:'''<br> ...s and security staff, and specialist skills in areas such as insurance and risk management.<br> ...3 KB (470 words) - 13:39, 6 March 2007
- [[ME4.5:| 4.5 Risk Management]]<br> ...2 KB (195 words) - 19:06, 14 June 2007
- ...dards) that are needed to create, implement, and maintain a best practice, risk management-based information security program.<br> ...dards) that are needed to create, implement, and maintain a best practice, risk management-based Information Security Program.<br> ...5 KB (705 words) - 11:39, 30 May 2015
- ::'''6. Risk: Lost data could significantly impact financial reporting.''' ...2 KB (268 words) - 19:59, 25 June 2006
- '''1. Risk: Insufficient controls over processing accuracy by a third-party service pr ...2 KB (285 words) - 18:35, 14 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Security incidents and incompliance with information security procedures m ...4 KB (548 words) - 14:21, 4 May 2006
- ::'''1. Risk: Business requirements are not met or third parties have inappropriate acce ...2 KB (297 words) - 14:38, 13 June 2006
- ::'''1. Risk: Business requirements are not met or third parties have inappropriate acce ...2 KB (297 words) - 18:29, 13 June 2006
- ::'''11. Risk: Insufficient control over authorization, authentication, nonrepudiation, d ...2 KB (287 words) - 18:08, 25 June 2006
- ...ny information security vulnerability in such system commensurate with the risk and in accordance with all applicable laws.<br> ...fect information security. Such protections shall be commensurate with the risk and comply with all applicable laws and regulations.<br> ...4 KB (682 words) - 19:17, 3 June 2010
- ::'''4. Risk: Lost data could significantly impact financial reporting.''' ...2 KB (280 words) - 19:58, 25 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Development and maintenance of system with potential impact to financial r ...7 KB (975 words) - 16:57, 9 April 2007
- ::'''1. Risk: Incidents or problems affecting financial processes are not identified res ...2 KB (279 words) - 19:02, 25 June 2006
- ::'''4. Risk: Problems and/or incidents are not properly responded to, recorded, resolve ...2 KB (277 words) - 19:21, 25 June 2006
- ::'''2. Risk: Lost data could significantly impact financial reporting.''' ...2 KB (274 words) - 19:44, 25 June 2006
- ::'''1. Risk: Insufficient configuration controls can lead to security and availability ...2 KB (288 words) - 18:53, 25 June 2006
- ::'''7. Risk: Insufficient control over authorization, authentication, nonrepudiation, d ...2 KB (292 words) - 17:47, 25 June 2006
- '''Risk Association Control Activities:'''<br> '''Risk Association Control Activities:'''<br> ...4 KB (544 words) - 17:11, 5 May 2006
- ::'''4. Risk: Insufficient control over authorization, authentication, nonrepudiation, d ...2 KB (289 words) - 17:19, 25 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Ongoing operations, problem resolution, an future application maintenance ...6 KB (781 words) - 12:31, 23 June 2006
- ::'''1. Risk: Business requirements are not met or third parties have inappropriate acce ...2 KB (294 words) - 18:21, 14 June 2006
- Data security theory seeks to establish uniform risk-based requirements for the protection of data elements. To ensure that the ...extent of risk mitigation, and not the procedure or tool used to mitigate risk. ...9 KB (1,246 words) - 18:20, 10 April 2007
- '''Risk Association Control Activities:'''<br> ...2 KB (235 words) - 17:48, 5 May 2006
- ::'''5. Risk: Lost data could significantly impact financial reporting.''' ...2 KB (304 words) - 19:56, 25 June 2006
- ...ontrols is low, or as many as 76 program change documents, if the level of risk initially identified from the responses to the questionnaire was determined ...ed based upon the level of inherent risk and the intended level of control risk applied against the compliance sample size table contained in Part 3 of the ...8 KB (1,155 words) - 20:14, 25 June 2006
- ::'''2. Risk: Insufficient configuration controls can lead to security and availability ...2 KB (314 words) - 18:27, 25 June 2006
- ...lly and updated as needed to reflect changes to business objectives or the risk environment. ...2 KB (296 words) - 14:47, 2 March 2007
- ::'''3. Risk: lapses in the continuity of application systems may prevent an organizatio ...2 KB (301 words) - 20:18, 25 June 2006
- ::'''2. Risk: Third party service providers are not qualified, and are incapable of deli ...2 KB (302 words) - 15:57, 25 June 2006
- ::'''2. Risk: Lapses in the continuity of application systems may prevent an organizatio ...2 KB (301 words) - 20:16, 25 June 2006
- * Periodic assessments of risk, including the magnitude of harm that could result from the unauthorized ac * Policies and procedures that are based on risk assessments, cost-effectively reduce information security risks to an accep ...9 KB (1,252 words) - 19:19, 19 April 2010
- ::'''1. Risk: Insufficient controls over processing accuracy by a third-party service pr ...2 KB (302 words) - 18:12, 14 June 2006
- ...pproved, cost effective, business enhancing changes (fixes) - with minimum risk to IT infrastructure. The goal of Change Management is to ensure that stand ...raising and recording of changes, assessing the impact, cost, benefit and risk of proposed changes, developing business justification and obtaining approv ...4 KB (588 words) - 16:23, 21 March 2007
- '''Risk Association Control Activities:'''<br> ...2 KB (233 words) - 13:37, 4 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (243 words) - 14:06, 5 May 2006
- ::'''3. Risk: Problems and/or incidents are not properly responded to, recorded, resolve ...2 KB (297 words) - 19:19, 25 June 2006
- ...licies and standards) that are needed to create, implement, and maintain a risk management-based Information Security Program that complies with SOX Sectio ...1 KB (204 words) - 13:03, 14 July 2006
- ::'''5. Risk: Unapproved application changes negatively impact business processing or ma ...2 KB (305 words) - 14:32, 23 June 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (240 words) - 19:34, 4 May 2006
- '''Risk Association Control Activities:'''<br> ...level of logging required for individual systems should be determined by a risk assessment, taking performance degradation into account.<br> ...4 KB (586 words) - 01:37, 1 May 2006
- ::'''1. Risk: Business requirements are not met or third parties have inappropriate acce ...2 KB (317 words) - 18:30, 14 June 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (244 words) - 17:51, 5 May 2006
- ::'''1. Risk: Business requirements are not met or third parties have inappropriate acce ...2 KB (306 words) - 18:32, 14 June 2006
- ::'''1. Risk: Third party processors create unacceptable control risks to the Company.'' ...2 KB (295 words) - 15:40, 25 June 2006
- ::'''1. Risk: Lapses in the continuity of application systems may prevent an organizatio ...2 KB (315 words) - 20:11, 25 June 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (247 words) - 17:11, 5 May 2006
- ::'''8. Risk: Insufficient control over authorization, authentication, nonrepudiation, d ...2 KB (315 words) - 17:54, 25 June 2006
- ::'''3. Risk: Insufficient control over authorization, authentication, nonrepudiation, d ...2 KB (317 words) - 17:15, 25 June 2006
- ::'''12. Risk: Insufficient control over authorization, authentication, nonrepudiation, d ...2 KB (321 words) - 18:12, 25 June 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (249 words) - 18:44, 5 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (252 words) - 13:19, 4 May 2006
- ::'''1. Risk: Up-to-date backups of programs and data may not be available when needed.' ...3 KB (335 words) - 14:05, 26 February 2007
- ::'''2. Risk: Problems and/or incidents are not properly responded to, recorded, resolve ...2 KB (325 words) - 19:12, 25 June 2006
- ::'''1. Risk: Insufficient configuration controls can lead to security and availability ...2 KB (315 words) - 18:38, 25 June 2006
- * The risk of losing sensitive information ...961 bytes (140 words) - 22:16, 15 March 2010
- ::'''4. Risk: Insufficient control over authorization, authentication, nonrepudiation, d ...2 KB (305 words) - 17:36, 25 June 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (264 words) - 18:14, 1 May 2006
- :::'''10. Risk: Insufficient control over authorization, authentication, nonrepudiation, d ...2 KB (321 words) - 18:06, 25 June 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (250 words) - 20:02, 1 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (248 words) - 17:50, 5 May 2006
- ::'''1. Risk: Insufficient control over authorization, authentication, nonrepudiation, d ...3 KB (351 words) - 16:49, 25 June 2006
- :'''Screen potential employees to minimize the risk of attacks from internal sources.'''<br> ...2 KB (319 words) - 20:10, 2 March 2007
- '''Risk Association Control Activities:'''<br> ...2 KB (261 words) - 13:09, 4 May 2006
- ::'''2. Risk: Insufficient configuration controls can lead to security and availability ...2 KB (324 words) - 18:46, 25 June 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (261 words) - 13:14, 4 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (258 words) - 14:48, 5 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (263 words) - 12:37, 4 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (267 words) - 12:35, 4 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (270 words) - 18:42, 5 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (272 words) - 13:18, 4 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (268 words) - 19:33, 1 May 2006
- ::'''4. Risk: Lost data could significantly impact financial reporting.''' ...2 KB (313 words) - 19:39, 25 June 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (273 words) - 18:04, 3 May 2006
- '''7. Risk: Unidentifiable users may compromise critical business processes and data.' ...3 KB (356 words) - 17:48, 28 June 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (280 words) - 20:06, 1 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (273 words) - 20:01, 1 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (281 words) - 01:30, 2 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (274 words) - 13:47, 6 March 2007
- '''Risk Association Control Activities:'''<br> ...2 KB (271 words) - 13:16, 4 May 2006
- ::'''1. Risk: Business needs may not be met or adequate data safeguards may not be imple ...3 KB (341 words) - 16:17, 21 June 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (277 words) - 17:41, 3 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (264 words) - 17:42, 5 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (289 words) - 13:11, 4 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (291 words) - 13:41, 6 March 2007
- ...cification of a requirement, but has sufficiently mitigated the associated risk. See the PCI DSS Glossary for the full definition of compensating controls. ...ensating controls may be considered. Only companies that have undertaken a risk analysis and have legitimate technological or documented business constrain ...8 KB (1,208 words) - 17:00, 9 April 2007
- '''Risk Association Control Activities:'''<br> ...2 KB (299 words) - 19:17, 22 June 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (289 words) - 12:56, 4 May 2006
- Risk Management.<br> ...2 KB (318 words) - 16:08, 3 August 2006
- '''''Risk Management.'''''<br> ...2 KB (322 words) - 16:10, 3 August 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (281 words) - 17:31, 5 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (284 words) - 19:38, 1 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (286 words) - 16:55, 3 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (276 words) - 17:40, 3 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (281 words) - 17:42, 5 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (279 words) - 14:17, 3 May 2006
- ...ong to itself. Thus, a flaw in that program could put the entire system at risk. On the other hand, a Web server that runs inside a virtual private server ...2 KB (343 words) - 18:39, 14 June 2007
- '''Risk Association Control Activities:'''<br> ...2 KB (292 words) - 19:08, 1 May 2006
- ::'''2. Risk: System integrity and availability is compromised because emergency changes ...3 KB (372 words) - 13:56, 23 June 2006
- ::'''1. Risk: Business requirements are not met or inadequately tested. Systems produce ...3 KB (354 words) - 13:39, 22 June 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (284 words) - 12:41, 4 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (270 words) - 14:54, 5 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (295 words) - 01:42, 2 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (287 words) - 17:04, 3 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (302 words) - 17:57, 3 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (303 words) - 18:29, 1 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (288 words) - 14:17, 3 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (300 words) - 13:39, 4 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (294 words) - 18:25, 5 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (308 words) - 18:06, 5 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (294 words) - 13:08, 4 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (288 words) - 14:15, 1 May 2006
- ...hange, but the modification of which could indicate a system compromise or risk of compromise. File integrity monitoring products usually come pre-configur ...3 KB (365 words) - 20:31, 2 March 2007
- ::'''4. Risk: Poorly managed systems or system functionality does not delivered as requi ...3 KB (342 words) - 15:05, 25 June 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (354 words) - 20:12, 25 June 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (301 words) - 12:27, 4 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (307 words) - 01:31, 2 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (284 words) - 14:37, 21 June 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (294 words) - 18:26, 5 May 2006
- ..., but accounting, security, and other areas of expertise. Counsel runs the risk of embarrassing cross-examination by the prosecution if he or she allows an ...2 KB (358 words) - 19:18, 22 February 2009
- ::'''1. Risk: Insufficient control over authorization, authentication, nonrepudiation, d ...3 KB (360 words) - 16:59, 25 June 2006
- ...ets address significant changes in technology since 1996 and incorporate a risk-based examination approach. The 1996 Handbook has been replaced by these bo ...oklet]] provides guidance on the [[Audit_Guidance_Examination_Procedures | risk-based IT audit]] practices of financial institutions and technology service ...15 KB (2,060 words) - 17:47, 15 June 2007
- # [[IT risk management#Risk assessment|Risk assessment]] ...ering this area such as [[ISO/IEC 27005]]. The use of information security risk analysis to drive the selection and implementation of information security ...8 KB (1,111 words) - 10:30, 15 April 2012
- '''Risk Association Control Activities:'''<br> ...2 KB (298 words) - 01:59, 2 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (299 words) - 17:41, 5 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (294 words) - 17:10, 3 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (310 words) - 01:37, 2 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (302 words) - 18:25, 5 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (311 words) - 02:04, 2 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (309 words) - 18:13, 1 May 2006
- ::'''9. Risk: Insufficient control over authorization, authentication, nonrepudiation, d ...3 KB (360 words) - 17:03, 9 April 2007
- '''Risk Association Control Activities:'''<br> ...2 KB (311 words) - 14:12, 1 May 2006
- ...ly used where the impact of a change could have severe [[Risk_management | risk]] and or financial consequence. Typical examples from the computer and comp ...'''IMPACT ASSESSMENT'''. The IMPACT ASSESSOR or ASSESSORS then make their risk analysis and make a judgment on who should carry out the Change, typically ...3 KB (533 words) - 14:15, 23 April 2010
- ::'''1. Risk: Information security and business requirements may be compromised. Inaccur ...3 KB (369 words) - 16:09, 21 June 2006
- ::'''1. Risk: Information security and business requirements may be compromised. Inaccur ...3 KB (368 words) - 11:58, 22 June 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (305 words) - 14:51, 5 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (303 words) - 18:06, 1 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (298 words) - 16:59, 3 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (316 words) - 17:47, 3 May 2006
- ::'''6. Risk: Insufficient control over authorization, authentication, nonrepudiation, d ...3 KB (382 words) - 17:41, 25 June 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (306 words) - 13:13, 4 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (296 words) - 17:01, 3 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (296 words) - 17:59, 3 May 2006
- ...t enable the organization to manage the IT Asset Portfolio with respect to risk, cost, control, [[IT Governance]], compliance and business performance obje *Risk reduction through standardization, proper documentation, loss detection ...5 KB (705 words) - 13:29, 23 May 2007
- ::'''1. Risk: Business requirements are not met or third parties have inappropriate acce ...3 KB (379 words) - 18:17, 14 June 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (329 words) - 01:35, 2 May 2006
- ::'''3. Risk: Lost data could significantly impact financial reporting.''' ...3 KB (362 words) - 17:05, 9 April 2007
- '''Risk Association Control Activities:'''<br> ...2 KB (329 words) - 13:34, 4 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (329 words) - 19:26, 1 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (311 words) - 16:29, 1 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (339 words) - 18:28, 1 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (337 words) - 19:47, 1 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (332 words) - 18:24, 5 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (332 words) - 12:39, 4 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (319 words) - 17:09, 3 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (347 words) - 13:38, 4 May 2006
- '''8. Risk: Insufficient security standards may allow unauthorized access to productio ...3 KB (405 words) - 00:10, 13 June 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (333 words) - 16:42, 5 May 2006
- ::'''(A)''' providing information security protections commensurate with the risk and magnitude of the harm resulting from unauthorized access, use, disclosu ::'''(A)''' assessing the risk and magnitude of the harm that could result from the unauthorized access, u ...10 KB (1,576 words) - 12:50, 4 June 2010
- ...nvestment practices. Generally speaking, these rules mean that the greater risk to which the bank is exposed, the greater the amount of capital the bank ne # Ensuring that Capital requirement is more risk sensitive; ...19 KB (2,934 words) - 21:46, 2 September 2012
- '''Risk Association Control Activities:'''<br> ...2 KB (346 words) - 18:25, 1 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (329 words) - 13:35, 6 March 2007
- '''Risk Association Control Activities:'''<br> ...2 KB (357 words) - 14:15, 3 May 2006
- '''Risk Association Control Activities:'''<br> ...2 KB (345 words) - 01:18, 2 May 2006
- ...tion process, access to a credit report is critical for a lender to make a risk assessment. Because a credit freeze effectively stops any access to the cre ...ue a loan in the borrower's name. Hence, credit freezing should reduce the risk that loans or credit cards will be issued fraudulently. Credit freezes do h ...4 KB (663 words) - 12:59, 12 November 2011
- ::'''(A)''' providing information security protections commensurate with the risk and magnitude of the harm resulting from unauthorized access, use, disclosu ::'''(A)''' assessing the risk and magnitude of the harm that could result from the unauthorized access, u ...11 KB (1,610 words) - 19:37, 3 June 2010
- ...ionally, the degree of internal access granted to some users increases the risk of accidental damage or loss of information and systems.<br> '''Risk exposures from internal users include:''' ...10 KB (1,327 words) - 12:54, 10 April 2007
- '''Risk Association Control Activities:'''<br> ...3 KB (377 words) - 18:52, 4 May 2006
- ...cess that identifies threats, and vulnerabilities, and results in a formal risk assessment.]]<br> ...ntrol.jpg]][[PCI-12.7:|PCI-12.7 Screen potential employees to minimize the risk of attacks from internal sources.]]<br> ...7 KB (988 words) - 19:11, 7 July 2006
- ...refers to the likelihood of loss, damage, or injury to information assets. Risk is present if a threat can exploit an actual vulnerability to adversely imp ...vulnerability assessments should be rated and prioritized according to the risk and potential impact to Company information assets if exploited.<br> ...11 KB (1,433 words) - 14:11, 1 May 2010
- '''Risk Association Control Activities:'''<br> ...3 KB (413 words) - 19:02, 4 May 2006
- ...anized, systematic approach, you can approach risk management effectively. Risk simply put is the negative impact to business assets by the exercise of vul ...am for a commercial enterprise, the processes of calculating the cost of a risk exposure and what the appropriate costs of mitigating those risks should be ...23 KB (3,630 words) - 10:19, 27 October 2012
- '''Risk Association Control Activities:'''<br> ...3 KB (363 words) - 16:53, 9 April 2007
- ::'''1. Risk: Availability of critical systems is decreased because system changes (regu ...3 KB (447 words) - 13:36, 23 June 2006
- Although necessary, encryption carries the risk of making data unavailable should anything go wrong with data handling, key ...RSE FACTS:'''</font> Institutions should employ encryption to mitigate the risk of disclosure or alteration of sensitive information in storage and transit ...13 KB (2,019 words) - 11:46, 28 March 2008
- '''Risk Association Control Activities:'''<br> ...3 KB (410 words) - 13:30, 4 May 2006
- ==Risk Association Control Activities:== ...s and security staff, and specialist skills in areas such as insurance and risk management.<br> ...9 KB (1,301 words) - 16:55, 25 April 2007
- '''Risk Association Control Activities:'''<br> ...2 KB (353 words) - 18:22, 1 May 2006
- '''10. Risk: Reactive security monitoring results in data compromise and financial loss ...3 KB (421 words) - 20:20, 12 June 2006
- '''Risk Association Control Activities:'''<br> ...3 KB (401 words) - 11:50, 28 March 2008
- ...risk management method is in the context of project management, security, risk analysis, industrial processes, financial portfolios, actuarial assessments ...of the risk, and accepting some or all of the consequences of a particular risk. ...27 KB (4,185 words) - 23:45, 10 March 2010
- ...beginners guide but describes the overall processes, its relationship with risk management and reasons for an organization to implement along with the bene ...cal activities, resources, duties, obligations, threats, risks and overall risk appetite. ...7 KB (1,040 words) - 10:48, 27 October 2012
- '''9. Risk: Inappropriate administrative actions are executed without accountability m ...3 KB (422 words) - 00:09, 13 June 2006
- '''Risk Association Control Activities:'''<br> ::'''1. Risk: Business requirements are not met or third parties have inappropriate acce ...39 KB (5,914 words) - 17:55, 13 April 2007
- '''Risk Association Control Activities:'''<br> ...3 KB (393 words) - 14:35, 21 June 2006
- ...cess defined by the United States Department of Defense (DoD) for managing risk. DIACAP replaced the former process, known as '''DITSCAP''' ('''Department ...2 KB (229 words) - 10:14, 15 April 2012
- ::*"High-risk" vulnerabilities must be mitigated within seven (7) days.<br> ::*"Medium-risk" vulnerabilities must be mitigated within thirty (30) days.<br> ...9 KB (1,122 words) - 14:12, 1 May 2010
- ...hange, but the modification of which could indicate a system compromise or risk of compromise. File integrity monitoring products usually come pre-configur ...3 KB (372 words) - 17:59, 7 July 2006
- ...s often know likely hiding places, the house owner will experience greater risk of a burglary by hiding the key in this way. The owner has in effect added ...ity issue is implemented. Here, the goal is simply to reduce the short-run risk of exploitation of a vulnerability in the main components of the system.<br ...11 KB (1,798 words) - 14:44, 14 June 2007
- ...ves and controls themselves, including a structure for risk assessment and risk management<br> ...8 KB (1,063 words) - 13:25, 23 May 2007
- ...edge of IT security, [http://lazarusalliance.com/services/risk-management/ risk], privacy, [http://lazarusalliance.com/services/policies-governance/ govern ...llence – in any jurisdiction. Lazarus Alliance specializes in IT security, risk, privacy, governance, cyberspace law and compliance leadership solutions an ...9 KB (1,241 words) - 20:49, 13 September 2016
- ...ess processes. The BIA phase also should determine what and how much is at risk by identifying critical business functions and prioritizing them. It should ...3 KB (453 words) - 18:45, 25 April 2007
- '''BS7799 Part 3''' was published in 2005, covering risk analysis and management. It aligns with ISO/IEC 27001. ...2 KB (249 words) - 10:56, 27 October 2012
- ...gher zone. The requirements for each zone should be determined through the risk assessment.<br> '''The risk assessment should include, but is not limited to, the following threats:''' ...10 KB (1,485 words) - 14:22, 10 April 2007
- * Proposing methodologies and processes (e.g., risk assessment) subject to management approval<br> * A risk assessment to identify any requirements for specific controls, taking into ...8 KB (996 words) - 12:49, 22 May 2007
- ...ed return on investment, but also significant risk of noncompliance (legal risk).<br> ...it or commercial-centric) dramatically affect factors such as maturity and risk.<br> ...11 KB (1,601 words) - 12:58, 10 April 2007
- ...ation. Therefore, it is important to detail exactly what areas of economic risk the defendant faces. It is conceivable that a computer crime case, which go ...3 KB (490 words) - 13:34, 22 February 2009
- ...is the United States Department of Defense (DoD) process to ensure that [[risk management]] is applied on information systems (IS). DIACAP defines a DoD- ...2 KB (322 words) - 10:16, 15 April 2012
- ...ost and Risk of Complex Matters | Active Management to Reduce the Cost and Risk of Complex Matters]] ...the risk a... | Avoid that feeling of uncertainty: the power to reduce the risk a...]] ...16 KB (2,124 words) - 11:06, 16 March 2010
- ...m [[Information_Security_Audit | audit]] activities, such as control and [[risk assessment]]s, on a more frequent basis. Technology plays a key role in con ...data assurance (CDA), continuous controls monitoring (CCM), and continuous risk monitoring and assessment (CRMA). ...15 KB (2,212 words) - 17:29, 19 February 2015
- [[DS2.3:| 2.3 Supplier Risk Management]]<br> ...4 KB (538 words) - 19:08, 14 June 2007
- '''Risk Association Control Activities:''' ...ot meet business, compliance and regulatory needs of the business inducing risk.'''<br> ...21 KB (3,010 words) - 15:52, 25 June 2006
- ...itable for the roles for which they are considered, in order to reduce the risk of theft, fraud or misuse of facilities. ...onal security policy in the course of their normal work, and to reduce the risk of human error.<br> ...10 KB (1,387 words) - 14:04, 22 May 2007
- ...dentify and provide information security protections commensurate with the risk and magnitude of the harm resulting from the unauthorized access, use, disc ...3 KB (414 words) - 11:45, 4 June 2010
- b. The plaintiff was a CHILD WHO IS TOO YOUNG TO KNOW AND APPRECIATE THE RISK INVOLVED. If so, what duty is owed? ii. Does the doctrine of ASSUMPTION OF THE RISK apply? ...19 KB (3,149 words) - 10:42, 7 April 2009
- ...II objectives and procedures provide additional validation as warranted by risk to verify the effectiveness of the institution’s audit function. Tier II qu :1. Review past reports for outstanding issues, previous problems, or high-risk areas with insufficient coverage related to IT. Consider: ...32 KB (4,518 words) - 17:53, 11 April 2007
- ...are first accepted and subsequent Company supporting security, privacy and risk technology and processes are fully implemented. ...s the intended performance of security software, data leakage controls and risk mitigating controls implemented by the Company. Disabling the technology im ...10 KB (1,433 words) - 18:15, 14 January 2014
- ...ample Information Security Program Charter''']], the Company will follow a risk management approach to develop and implement Information Security policies, ...are intended to address the specific requirements identified via a formal risk assessment. The standard is also intended to provide a guide for the develo ...10 KB (1,314 words) - 18:06, 15 March 2009
- Examiners should conduct risk-focused reviews that assess the overall effectiveness of an organization’s .... However, examiners should be aware that the newer methodologies are more risk focused and involve the completion of project phases in repetitive (iterati ...12 KB (1,538 words) - 22:41, 25 April 2007
- ...nizations must understand the need for physical security, conduct thorough risk assessments, and implement physical and environmental controls as required ...4 KB (592 words) - 19:28, 14 June 2007
- ...refers to the formal authorization for system operation and acceptance of risk by an accrediting authority.<br> ::1. Risk Assessment:<br> ...16 KB (2,312 words) - 14:14, 1 May 2010
- ...OUTINE authority is required to register NOT FENCED routines, limiting the risk to introduce routines that may corrupt the database manager's shared memory ...4 KB (644 words) - 14:43, 15 May 2007
- ==Risk Management== ...cepting some or all of the consequences of a particular risk. Traditional risk management focuses on risks stemming from physical or legal causes (e.g. na ...43 KB (6,368 words) - 11:22, 4 July 2015
- ...''HORSE FACTS:'''</font> Financial institutions should protect against the risk of malicious code by implementing appropriate controls at the host and netw ...4 KB (568 words) - 17:25, 10 April 2007
- ...ample Information Security Program Charter''']], the Company will follow a risk management approach to develop and implement Information Security policies, ...are intended to address the specific requirements identified via a formal risk assessment. The standard is also intended to provide a guide for the develo ...8 KB (1,068 words) - 17:23, 16 October 2009
- [[AI1.2:| 1.2 Risk Analysis Report]]<br> ...3 KB (341 words) - 19:07, 14 June 2007
- ...ormation where a reasonable person would consider that there exists a real risk of significant harm to an individual as a result. * An assessment of the risk of harm to individuals as a result of the loss or unauthorized access or di ...18 KB (2,700 words) - 16:17, 29 August 2014
- ## Security changes, significant activity, and high-risk functions must be recorded. ...3 KB (444 words) - 20:12, 15 January 2014
- ...raising and recording of changes, assessing the impact, cost, benefit and risk of proposed changes, developing business justification and obtaining approv ...4 KB (523 words) - 10:24, 23 April 2010
- ...delays. For example, in businesses which have higher operational or credit risk loading (that involve credit cards, wealth management), Citibank has moved ...5 KB (786 words) - 16:48, 22 March 2007
- ...refers to the likelihood of loss, damage, or injury to information assets. Risk is present if a threat can exploit an actual vulnerability to adversely imp ...8 KB (1,123 words) - 16:01, 2 August 2009
- ...Lotus Notes database through Lotus Domino, as well as how to mitigate the risk.<br> ...t topics and provides sample policy statements for low-, medium-, and high-risk environments.<br> ...10 KB (1,527 words) - 12:47, 25 April 2007
- ...it reports associated with IT. Refer to [[Risk Assessment and Treatment: | Risk Assessment and Treatment]] for more guidance. Audit management should overs ...intain or improve the efficiency and effectiveness of the institution’s IT risk management, internal controls, and corporate governance.<br> ...28 KB (4,089 words) - 14:37, 16 April 2007
- ...ecurity breach has compromised any personal information and placed them at risk of identity theft. North Carolina consumers where given the right to obtain ...3 KB (488 words) - 13:02, 12 November 2011
- [[File:Risk-Calculator-Flowchart-Generic-MDP-2013122401.jpg]] ...3 KB (411 words) - 12:27, 16 October 2014
- ...dentify and provide information security protections commensurate with the risk and magnitude of the harm resulting from the unauthorized access, use, disc ...4 KB (671 words) - 10:44, 1 June 2010
- ...g enables an organisation to plan future IT expenditure, thus reducing the risk of over-spending and ensuring the revenues are available to cover the predi ...6 KB (885 words) - 10:12, 23 March 2007
- ...ct and secure operation of information processing facilities; minimize the risk of systems failures; protect the integrity of software and information; mai ...8 KB (1,023 words) - 17:25, 24 October 2006
- ...information technology (IT) systems and their performance management and [[risk management]]. The rising interest in IT governance is partly due to complia ...t the necessary systems and IT controls. Whilst [[risk management|managing risk]] and ensuring compliance are essential components of good governance, it i ...12 KB (1,686 words) - 11:47, 30 May 2015
- ...infrastructure (major machinery or computing/network resource). As such, [[risk management]] must be incorporated as part of BCP. ===Threat and Risk Analysis (TRA)=== ...15 KB (2,046 words) - 11:39, 27 October 2012
- ...stom document properties. Identifier metadata, though not necessarily high risk, should be managed if the originator needs to remain anonymous or if docume ...4 KB (587 words) - 22:52, 15 March 2010
- ...nds should be allotted into various areas: policy, awareness and training, risk assessment, technology, and process.<br> ...6 KB (839 words) - 16:22, 23 April 2007
- ...ncing techniques should be used, as deemed necessary, to help minimize the risk and impact of system failures. ...5 KB (646 words) - 21:03, 15 January 2014
- ...refers to the likelihood of loss, damage, or injury to information assets. Risk is present if a threat can exploit an actual vulnerability to adversely imp ...9 KB (1,430 words) - 14:56, 28 August 2009
- ...ion of appropriate audit data on operational systems, while minimizing the risk of disruption to business processes. ...6 KB (774 words) - 12:41, 25 May 2007
- ...he industry standards is extremely remote, [[30]] and is far less than the risk of undetected forgery or alteration on paper or of using other less secure ...uch an unsupported published statement in an open system would run a great risk of trusting a phantom or an imposter, or of attempting to disprove a false ...22 KB (3,420 words) - 15:18, 3 April 2007
- ...ct and secure operation of information processing facilities; minimize the risk of systems failures; protect the integrity of software and information; mai ...lan should address the budget, periodic board reporting, and the status of risk management controls.<br> ...19 KB (2,609 words) - 13:51, 23 May 2007
- * Constructing a thorough [risk management] on each department handling the nonpublic information ...itutions to take a closer look at how they manage private data and to do a risk analysis on their current processes. No process is perfect, so this has mea ...15 KB (2,184 words) - 17:02, 15 June 2007
- ...refers to the likelihood of loss, damage, or injury to information assets. Risk is present if a threat can exploit an actual vulnerability to adversely imp The below guidelines are to be followed when mitigating the risk brought about by the threat of Phishing and Vishing attacks against the Com ...14 KB (2,165 words) - 16:53, 22 September 2009
- ...a coverage of compromised business web sites show us that databases are at risk.<br> The risk is so great, in fact, that the world's largest payment networks, Visa and M ...28 KB (4,261 words) - 11:45, 28 March 2008
- 2. Does the potential assignment INCREASE THE PROMISOR'S DUTY OR RISK? ...8 KB (1,401 words) - 09:26, 7 April 2009
- ...n but does not shift to such party the burden of proof in the sense of the risk of non persuasion, which remains throughout the trial upon the party on who ...6 KB (1,070 words) - 10:18, 11 August 2009
- ...’s life, or data the misuse of which may lead to discrimination or serious risk to the data subject. Specifically, the definition includes data which may r ...e sufficiency of the security measures will be assessed in relation to the risk involved, potential consequences for data subjects, sensitivity of the data ...18 KB (2,869 words) - 17:46, 29 August 2014
- ...organizations establish [[Compliance and Ethics Programs]] to minimize the risk that the firm steps outside of ethical and legal boundaries. *oversight and management of risk ...29 KB (4,284 words) - 17:19, 20 April 2010
- * Intrusion detection and security risk assessment ...ion, possibly filling up your disks. Backup logs periodically to avoid the risk of filling up your disks. The logs should be written to a mount point/direc ...18 KB (2,920 words) - 17:59, 18 May 2007
- * Isolate services to reduce the risk that a compromised service could be used to compromise others. ...7 KB (1,018 words) - 13:53, 14 May 2007
- ...tend to charge a greater transaction rate for CNP, because of the greater risk. ...the event of fraud. Merchants can implement these prevention measures but risk losing business if the customer chooses not to use the measures. ...25 KB (3,921 words) - 12:53, 12 November 2011
- ...tions also specify the form of consent. This is a significant class action risk area, and any text messaging (marketing or informational) needs to be caref ...ver, undisclosed online tracking of customer activities poses class action risk. The use of cookies and similar tracking mechanisms should be carefully and ...14 KB (2,027 words) - 15:57, 29 August 2014
- ::*No cost impact (within planned budget or risk transferred).<br> ...8 KB (1,149 words) - 14:09, 1 May 2010
- The risk is there when you are using programs to log in over a greatest risk. ...75 KB (10,622 words) - 14:38, 3 April 2007
- ...l institutions should review access rights on a schedule commensurate with risk.<br> Depending on the risk associated with the access, authorized internal users should generally rece ...78 KB (11,440 words) - 02:00, 10 April 2007
- SSAE 16 engagements are generally performed by audit, risk, and control oriented professionals who have experience in accounting, audi ...10 KB (1,457 words) - 21:20, 21 August 2012
- ..., and understandable process that specifically addresses the management of risk, incremental acquisitions, and the need to incorporate commercial informati ...10 KB (1,502 words) - 19:27, 4 April 2010
- ...soundness issue due to the reputational, regulatory, legal, and financial risk exposure to the bank for being involved in money laundering schemes or will ...13 KB (1,838 words) - 14:57, 20 April 2007
- ...strategy will largely eliminate individual company financial risk or other risk and, therefore, these investors have even less interest in a particular com ...any organizations establish Compliance and Ethics Programs to minimize the risk that the firm steps outside of ethical and legal boundaries. ...45 KB (6,604 words) - 15:20, 15 April 2010
- ...relationship, conceivably placing a significant consulting arrangement at risk, damaging the auditing firm's bottom line. ...ces''': Lending to a firm sends signals to investors regarding the firm's risk. In the case of Enron, several major banks provided large loans to the comp ...38 KB (5,614 words) - 14:31, 15 April 2010
- ...ent systems to comply with the act. (The requirement of risk analysis and risk management implies that the act’s security requirements are a minimum stand ...32 KB (4,732 words) - 19:36, 29 November 2013
- ...are made in accordance with the Change Control Standard; supporting test, risk assessment, and documentation efforts; and participating in restoration eff ...12 KB (1,684 words) - 14:14, 1 May 2010
- :::B. Perform risk assessment:<br> ...12 KB (1,656 words) - 14:15, 1 May 2010
- ...engineering, system engineering, project management, software maintenance, risk management, system acquisition, information technology (IT), services, busi ...12 KB (1,863 words) - 11:32, 9 June 2010
- ...pproved, cost effective, business enhancing changes (fixes) - with minimum risk to IT infrastructure. ...nalysis, Manage Contingency Plan Management, Contingency Plan Testing, and Risk Management. ...37 KB (5,348 words) - 10:12, 8 September 2011
- ...ring to think that "potential loss of life" appears in far more IT service risk assessments than one might assume. The RTO and RPO are time intervals, typi ...13 KB (2,264 words) - 11:10, 27 October 2012
- ...the cipher and the best known attacks is too small for comfort. There is a risk that some way to improve such attacks might be found and then the cipher co ...18 KB (2,766 words) - 11:41, 28 March 2008
- ...ing oneself unnecessarily (a form of information security control known as risk avoidance). This implies that organizations, IT systems and procedures shou ...ng in unauthorized access to sensitive data, can expose individuals to the risk of identity theft. The Privacy Rights Clearinghouse has documented over 900 ...37 KB (5,577 words) - 14:50, 12 November 2011
- ...standards if controls are implemented that ensure there is no significant risk if the password SHOULD be compromised. Accounts MUST comply with the follow ...22 KB (3,612 words) - 16:20, 15 November 2007
- ...their organization, the Auditor should conduct an analysis of the client’s risk and data value. Companies with multiple external users, e-commerce applica ...21 KB (3,112 words) - 16:52, 15 June 2007
- : Guarantees that trades will go through by legally assuming the risk of payments not made or securities not delivered. ...generally flow toward the institution funding the transaction and assuming risk in the process. In a credit card transaction, the interchange fee is paid b ...74 KB (11,078 words) - 13:08, 9 April 2007
- ...gh copies of works published before March 1, 1989, must bear the notice or risk loss of copyright protection. The notice has several benefits. It informs t ...14 KB (2,130 words) - 06:38, 11 April 2011
- ...rties have to accept the prospective judgment as binding. This reduces the risk of wasting the Court's time. ...20 KB (3,032 words) - 13:27, 12 October 2011
- ...able for “foreseeable harm” when the information it sells places others at risk due to criminal misconduct. The court included in the definition of foresee ...21 KB (3,283 words) - 13:26, 26 April 2011
- ...nfusion” test are so factually driven, it is likely some links pose such a risk. As a general proposition, however, it appears that a link that simply uses ...27 KB (4,223 words) - 10:08, 13 April 2011
- ...nitor the quality of the goods being produced by the licensee to avoid the risk of trademark being deemed abandoned by the courts. A trademark license shou ...39 KB (6,281 words) - 14:29, 26 April 2011
- ...commence judicial proceedings against the suspected infringer, without the risk that the alleged infringing goods will disappear into circulation after cus ...46 KB (7,265 words) - 12:09, 2 May 2010
- ...control of a third party, the Court stated, an account holder assumes the risk that the information will be conveyed to the government. Id. According to t ...has authority over the computer. In such cases, all users have assumed the risk that a co-user might discover everything in the computer and might also per ...154 KB (23,956 words) - 13:16, 5 August 2011
- ...he ''Wall Street Journal'' said that YouTube, MySpace and blogs are put at risk by net neutrality. Swanson says that YouTube streams as much data in three ...52 KB (7,736 words) - 20:12, 1 October 2011
- ...t the fruits of future monitoring by providers, this letter may reduce the risk that any provider monitoring and disclosure will exceed the acceptable limi ...83 KB (12,981 words) - 12:42, 5 August 2011
- ...or knowingly and with reckless disregard of a substantial an unjustifiable risk that such transmission will cause damage to or deny usage of such computer ...85 KB (12,600 words) - 16:49, 1 March 2009
- ...recommended. By following these procedures, agents can greatly reduce the risk that any provider monitoring and disclosure will exceed the acceptable limi ...97 KB (14,928 words) - 13:21, 5 August 2011
- ...computers"). Moreover, attempting to search storage media on-site may even risk damaging the evidence itself in some cases. Modern operating systems contin ...138 KB (21,660 words) - 13:18, 5 August 2011