21 Cards in this Set
- Front
- Back
British Standard 7799 (BS7799)
|
The goal was to provide guidance to organizations on how to design, implement, and maintain policies, processes, and technologies to manage risks to their sensitive information assets.
|
|
ISO/IEC 27000
|
Overview and vocabulary
|
|
ISO/IEC 27001
|
requirements. What you certify to.
|
|
ISO/IEC 27002
|
Code of practice
|
|
ISO/IEC 27003
|
implementation
|
|
ISO/IEC 27004
|
measurement and metrics
|
|
ISO/IEC 27005
|
security risk management
|
|
ISO/IEC 27006
|
audit and certification
|
|
ISO/IEC 27011
|
telecomm
|
|
ISO/IEC 27031
|
BCP
|
|
ISO/IEC 27033-1
|
network security
|
|
ISO 27799
|
health organizations
|
|
Zachman framework
|
(What, How, Where, Who, When, and Why) vs roles. understanding of the business.
|
|
The Open Group Architecture Framework (TOGAF)
|
(ADM),
|
|
Department of Defense Architecture Framework (DoDAF)
|
Military mission goals. interoperability
|
|
British Ministry of Defence Architecture Framework (MODAF)
|
Right data to right people Fast!
|
|
Sherwood Applied Business Security Architecture (SABSA)
|
Zachman (Business) + Security. Maps to business initiatives.
|
|
Relation between ISMS and Enterprise Architecture
|
ISMS is a policy-based security program. Architecture allows the program to be integrated throughout the company.
|
|
NIST 800-30
|
IT risks
|
|
OCTAVE
|
Team-oriented. Workshops
|
|
FRAP
|
Qualitative. Prescreening
|