A documented process for applying security updates in the environment
The Payment Card Industry (PCI) Data Security Requirements are designed to ensure that merchants and service providers adequately protect cardholder data.
A means for ensuring the physical identity of employees within the organization.
Formal, structured methods to consistently evaluate the integrity of applicants.
Mechanisms to ensure that assets within the organization are secured in accordance with “Least Privilege.”
The systematic evaluation of an Incident that includes the cause, potential ramifications, remediation, and recommended preventive measures to deter a recurrence.
Control type that intends to prevent an entity from accessing a resource or performing an action
United Kingdom data protection framework
Any user or account that has the ability to grant, modify, or deny other accounts or access.
The roadmap for determining how the mission and mandate of the security program will be achieved.
The interaction between the security program project management process
Information that does not pose a security risk and is readily distributed.