8 Cards in this Set
| Front | Back |
| --- | --- |
| NIST 800-30 Risk Management Guide for Information Technology Systems | A U.S. federal standard that is focused on IT risks |
| Facilitated Risk Analysis Process (FRAP) | A focused, qualitative approach that carries out prescreening to save time and money |
| Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) | Team-oriented approach that assesses organizational and IT risks through facilitated workshops |
| AS/NZS 4360 | Australia and New Zealand business risk management assessment approach. |
| ISO/IEC 27005 | International standard for the implementation of a risk management program that integrates into an information security management system (ISMS) |
| Failure Modes and Effect Analysis | Approach that dissects a component into its basic functions to identify flaws and those flaws' effects |
| Fault tree analysis | Approach to map specific flaws to root causes in complex systems. |
| CRAMM | Central Computing and Telecommunications Agency Risk Analysis and Management Method |