Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.
- Create BookmarkCreate Bookmark
- Create Note or TagCreate Note or Tag
- PrintPrint
Index - Pg. 331
Index A Acceptance, 150 Access control, 130, 143, 269 content-based access control, 131 discretionary access control, 130 RBAC, 130 rule-based access control, 130131 security services, 132 see also Assurance model; Security control principles; Security services Access Control List (ACL), 95, 130 Access device control, 270271 Accountability, 10 qualitative severity scale, 110 severity, 110 see also Integrity; Confidentiality; Availability Accreditation, 196 ACL, see Access Control List (ACL) Addressed risk, 250 Addressing the risk, 250 Agreed Upon Procedures (AUP), 206 ALE, see Annualized Loss Expectancy (ALE) Annualized Loss Expectancy (ALE), 123, 231 cross-functional role, 186 flow for audit, 183 plan development, 187 risk manager's involvement, 183 SSL VPN, 186 timeframe for mitigation actions, 186 writing management response, 184185, 187 AUP, see Agreed Upon Procedures (AUP) Authentication, 137 Authorization, 138 Automated process, 270 Availability, 10 qualitative severity scale, 108 severity, 107108 see also Accountability; Confidentiality; Availability Avoidance, 149 B Baseline, 196197 Best practices, 45, 22 BIA, see Business Impact Assessment (BIA) Big hammer, 288 Biomedical research company, 8081
