CISM Audible Exam Quiz Phil Martin Flashcards Preview


Flashcards in CISM Audible Exam Quiz Phil Martin Deck (10)
1

standard

specifies the mandatory requirements (settings, technologies, practices) used to carry out a policy

2

procedure

clear, ordered list of the steps required to accomplish a task

3

a procedure defines 4 things

the required conditions (prerequisites) before it starts

the information displayed or produced at each step

the expected outcome

what to do when something unexpected happens

4

biased assimilation

when we accept only the facts that support our existing perspective and discount those that contradict it

5

risk appetite

amount of risk a business is willing to accept in pursuit of its objectives

6

risk tolerance

amount of deviation from the risk appetite that a business considers acceptable

7

risk capacity

maximum amount of risk a business can absorb without threatening its survival; risk appetite must stay within risk capacity

8

3 phases of OCTAVE

build asset-based threat profiles: identify all critical assets and the threats to them (organizational view)
identify infrastructure vulnerabilities: locate the network access paths and IT components that support those assets (technological view)
develop security strategy and plans: assign a risk level to each asset and decide how to treat it

9

Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE)

risk assessment approach, developed by CERT at Carnegie Mellon's SEI, used when an organization needs a well-established, repeatable process to identify, prioritize, and manage information security risk

10

Bowtie analysis

risk approach that creates a visual diagram with the risk event in the middle (the knot), its causes or threats on the left and its consequences on the right; preventive controls are placed as barriers on the left side and mitigating (recovery) controls on the right