Domain 2 Introduction Information Security Risk ManagementDomain 2 Introduction Information Security Risk Management

0.0(0)
studied byStudied by 0 people
0.0(0)
linked notesView linked note
full-widthCall Kai
learnLearn
examPractice Test
spaced repetitionSpaced Repetition
heart puzzleMatch
flashcardsFlashcards
GameKnowt Play
Card Sorting

1/9

flashcard set

Earn XP

Description and Tags

Flashcards covering key concepts in Information Risk Management, focusing on definitions and explanations relevant to CISM certification.

Study Analytics
Name
Mastery
Learn
Test
Matching
Spaced

No study sessions yet.

10 Terms

1
New cards

Information Risk Management

The process of handling risks to information assets to ensure they are at an acceptable level as defined by their owners.

2
New cards

Risk Assessment

A structured process that identifies, evaluates, and determines the severity of risks to an organization.

3
New cards

Risk Response

Actions taken to manage risks, which may include avoiding, mitigating, transferring, or accepting the risk.

4
New cards

Stakeholders

Individuals or groups who have an interest or concern in an organization, including management, clients, and regulators.

5
New cards

Continuous Monitoring

Ongoing process of regularly reviewing risks and the effectiveness of risk management efforts.

6
New cards

Asset Valuation

The process of determining the value of an organization's assets to drive security efforts.

7
New cards

Risk Treatment Types

Different strategies for managing risk, including avoidance, mitigation, transfer, and acceptance.

8
New cards

Communication of Risks

The practice of reporting risks and sharing information about risk management activities with relevant stakeholders.

9
New cards

CISM Certification

Certified Information Security Manager certification focused on managing information security aligned with organizational goals.

10
New cards

Effective Control Measures

Strategies and actions implemented to reduce risks to an acceptable level.