ANSWERS
GRC - ANSWER-How organizations effectively manage processes, people, and
technology so that they generate Value
Governance - ANSWER-Managing processes, technology, and systems
Risk Management - ANSWER-Identifying the risks associated with processes,
technology, and systems
Compliance - ANSWER-Data handled and stored by a company
Adhering to the laws and regulations that govern organizations
-Must be documented
GRC -IT Governance - ANSWER--Describes a formal framework that provides a
structure for organizations to ensure that IT investments support business objectives
-Subset of overall organization governance
-Business Issue
I&T/IT Governance Objectives - ANSWER-inform, direct, manage, and monitor
organization activities, enabling an organization to achieve its goals
Data Breach Laws in All US States - ANSWER-All 50 states enacted legislation to
protect consumer privacy - requiring private or governmental entities to notify
individuals of security breaches of info involving personal identifiable information
General Data Protection Regulation (GDPR) - ANSWER-Any organization
processing personal data of EU residents must protect personal data
California Consumer Privacy Act - ANSWER-Mirrors the standards in GDPR -
information on CA residents or business in CA
Personal Information Protection and Electronic Documents Act - ANSWER-Canadian
Law that mirrors the standards in GDPR
Family Educational Rights and Privacy Act - ANSWER-Federal law that affords
parents the right to have access to their children's education records, records
amended, and disclosure of personally identifiable info
-When child turns 18 the rights transfer to child
Federal Information Security Management Act (FISMA) - ANSWER-US Federal
agencies protection of information and IT systems
Gramm-Leach-Bliley Act, Patriot Act 2001 - ANSWER-US financial institutions must
protect privacy of personal information, safety of internet-based products and
services, fair and accurate credit transactions, anti-terrorism