COBIT 5 enablers (CH1) Correct Answer-COBIT 5 is an information security management
system (ISMS) backed by ISACA, an international professional
association serving a broad
range of IT governance professionals and a framework accepted by many assurance and
governance professionals.
---
begins with principles, policies, and frameworks as mechanisms acting as hand-rails guiding
desired behavior for day-to-day management. Processes describe an organized set of practices
and activities to achieve certain objectives and produce a set of outputs in support of achieving
cybersecurity objectives aligned to enterprise objectives. Organizational structures are the key
decision-making entities in an enterprise. Culture, ethics, and behavior of individuals and of the
enterprise are a key success factor in governance and management activities. Information is
organization pervasive and includes all information produced and used by the enterprise.
Information is not only required to keep the organization running and well governed, but is often
the key product of the operational enterprise. Services, infrastructure, and applications include
the infrastructure, technology, and applications that provide the enterprise with information
technology processing and services. People, skills, and competencies are linked to people and are
required for successful completion of all activities and for making correct decisions and taking
corrective actions. Note that portions of this text are presented both in this course and in
Cybersecurity Management II - Tactical.
ISO 31000:2009 (CH1) Correct Answer-Risk management—Principles and guidelines
Maturity (CH1) Correct Answer-Concept relating to the current or future state, fact, or period of
evolving development, quality, sophistication, and effectiveness (not necessarily age dependent).
Enterprise-wide risk management (ERM) (CH1) Correct Answer-Typically synonymous with
risk management for all sectors; also used to emphasize an integrated and holistic "umbrella"
approach delivering objectives by managing risk across an organization, its silos, its risk
specialist, and other subfunctions and processes.
Maturity model (CH1) Correct Answer-A simplified system that "road-maps" improving, desired,
anticipated, typical, or logical evolutionary paths of organization actions. The ascending
direction implies progression increases organization effectiveness over time (albeit subject to
stasis and regression).
Cybersecurity (CH2) Correct Answer-Cybersecurity is the ongoing application of best practices
intended to ensure and preserve confidentiality, integrity, and availability of digital information
as well as the safety of people and environments