If you have any suggestions for additions to the glossary, please submit your suggestions below.
Tools and techniques for identifying and validating the identity of individuals requesting use of computer assets.
Physical controls used to manage the ingress and egress of personnel for the Intermediate Distribution Frames in order to maintain conformance to “Least Privilege.
An occurrence or event that can negatively impact the safety, security, or continued operations at an organization.
A documented process for responding to an identified event within an environment. Also, has an established criterion to determine the relevant impact of that event.
Any form of information employed or created by an organization.
The exposure of protected data to a user that is not otherwise allowed access to that data
A formal agreement between two parties that describe the conditions, means, and manner under which information may be transferred.
The individual or entity that is responsible for the use and disclosure of an Information Asset.
This is a level of assurance that something has not been added, modified or deleted. An example would be a bank transaction. Before processing it, a system should verify that the requested transaction has not been modified in any way.
A consistent, documented process for measuring the conformity to general computing controls
Detective controls used to detect unauthorized activity
A unique address that computers utilize in order to identify and communicate with each other on a computer network.