5.4 - CompTIA Security+


22 Terms

1

Internal compliance reporting

Internal audits and assessments that an organization conducts to examine its alignment with its own organizational policies and regulatory requirements.

2

External compliance reporting

Audits of external stakeholders (e.g., clients, vendors, business partners), and how they adhere to regulatory requirements.

3

Fines

Financial penalties imposed on organizations for failing to meet regulatory standards, impacting the company's reputation and bottom line.

4

Sanctions

Penalties imposed on an entity to enforce compliance with regulations/laws.

5

Reputational damage

Public announcements/scandals related to non-compliance, discouraging customers from using a business’s products/services.

6

Loss of license

Loss of a certification allowing a company to operate in its industry, significantly affecting its economic situation.

7

Contractual impacts

Contract breaches that occur when organizations fail to maintain relevant security compliance.

8

Due diligence

Compliance monitoring actions taken towards a third party (e.g., audits, compliance, penetration testing).

9

Due care

Compliance monitoring actions taken internally (e.g., internal audits).

10

Attestation/acknowledgement

Signing or affirmation from a senior official that an organization adheres to standardized policies.

11

Automation

Using automated compliance systems to collect data for monitoring purposes.

12

Privacy

The ability of individuals/entities to seclude information about themselves and/or express themselves secretly.

13

Local/regional privacy laws

Regulations governing privacy in a smaller area (e.g., California Consumer Privacy Act, CCPA).

14

National privacy laws

Regulations that govern privacy over a whole country (e.g., HIPAA in the US).

15

Global privacy laws

Regulations governing privacy across multiple countries (e.g., GDPR in the EU).

16

Data subject

An individual who is identified by personal data.

17

Data controller

The entity that determines the purposes and means of processing personal data.

18

Data processor

The entity that processes data on behalf of the controller, often under contractual obligations.

19

Data owner

The individual or entity that holds the right to determine how and why personal data is processed.

20

Data inventory

Lists of classified data or information stored or processed by a system.

21

Data retention

The process an organization uses to maintain and control certain data to comply with business policies and/or applicable laws.

22

Right to be forgotten

A principle in GDPR that grants data subjects the right to request the erasure or deletion of their personal data under certain circumstances.