Governance, Risk, and Compliance (GRC) (Quizzes With Correct Ans) Already Passed!!
GRC - Answer-A strategy for managing an organizations overall governance, enterprise risk management, and compliance with regulations. A structured approach to aligning IT with business objectives, while managing risk and meeting compliance requirements. Governance - Answer-Ensuring that organizational activities are aligned in a way that supports the organizations business goals (monitoring of the organization). Risk - Answer-Making sure that any risk associated with organizational activities is identifies and addressed in a way that supports the organizations business goals. Compliance - Answer-Making sure that organizational activities are operated in a way that meets the laws and regulations impacting those systems. IT Governance - Answer-The process that ensures the effective and efficient use of IT in enabling an organization to achieve its goals. IT Governance Framework - Answer-Describes the leadership, organizational structures, and processes that ensure IT sustains and extends organizational strategies and objectives. ITIL Framework - Answer-A framework that helps organizations manage their IT services across their lifecycle. COBIT Framework - Answer-Separates governance from management, strives to aid IT governance by helping organizations generate the maximum added value to the business via its IT investments, while mitigating risk and optimizing resources. Confidentiality - Answer-Preserving authorized restrictions on access and disclosure, including means for protecting privacy and proprietary information.Inegrity - Answer-Guarding against improper modification or destruction, and includes ensuring information non-repudiation and authenticity. Availability - Answer-Ensuring timely and reliable access to and use of information. Threat - Answer-Any source that is capable of acting against an asset in a manner that can result in harm. Vulnerability - Answer-A security weakness in the design, implementation, operation or internal control of a process that could expose the system to adverse threats from threat events by allowing an attack to be successful. Internal Control (COSO Definition) - Answer-A process, affected by an entity's BOD, management and other personnel, designed to provide reasonable assurance regarding the achievement of objectives in effectiveness of operations, reliability of financial reporting, and compliance. Inherent Risk - Answer-the risk that exists before management takes any steps to control the likelihood or impact of a risk. Control Risk - Answer-Probability of loss arising from the tendency of internal control systems to lose their effectiveness over time, and this expose the assets they were instituted to protect. Residual Risk - Answer-The risk that remains after management implements internal controls or some other form of response to a risk. Hacking - Answer-An attempt to gain unauthorized access to some element of a computer system. Social Engineering - Answer-An attack based on deceiving users or administrators at the target site into revealing confidential or sensitive information. Malware - Answer-Software designed to infiltrate, damage, or obtain information from a computer system without consent.
Escuela, estudio y materia
- Institución
- Governance, Risk, and Compliance
- Grado
- Governance, Risk, and Compliance
Información del documento
- Subido en
- 23 de abril de 2024
- Número de páginas
- 2
- Escrito en
- 2023/2024
- Tipo
- Examen
- Contiene
- Preguntas y respuestas
Temas
-
governance risk and compliance grc
Documento también disponible en un lote