ITSMA - L2 Terminologies and types of IT AUDIT - PART 1

SmarterBalance2816

10 Questions

What is IT Security Management?

A process used to achieve and maintain the confidentiality, integrity and availability of an organization’s data, information and IT services.

Which of the following is not an IT security management function?

Developing and implementing a disaster recovery plan

Who should be accountable for the protection of information assets in an organization?

The owners of the assets

What is the purpose of an IT Audit?

To evaluate the system’s internal control design and effectiveness

What is the goal of an Information Security Policy?

To provide management direction and support for information security in accordance with business requirements and relevant laws and regulations.

What is the first step in the model process for managing information security according to ISO 27001:2013?

Establish security policy, objectives, processes and procedures

What is the purpose of the "Check" step in the model process for managing information security according to ISO 27001:2013?

To assess and measure process performance against security policy, objectives and practical experience

What is the first step in the Risk Assessment process?

Identify assets and determine the level of acceptable risk

What is the difference between Qualitative and Quantitative Risk Analysis?

Qualitative Risk Analysis assigns labels such as high, medium, and low while Quantitative Risk Analysis tries to determine the value of risk by quantifying the risk with two variables: monetary loss and time

What is ISO 27001:2013?

A standard that provides requirements for an organization’s Information Security Management System (ISMS)

IT Security Management, Accountability, Compliance, Audit Framework, types of IT AUDIT, Internal controls, objectives of internal controls, Information security Policy, Security policy, ISO 27001:2013 standard, ISO 27001 Framework, PLAN-DO-CHECK-ACT Model process, Risk Assessment, Steps of Risk Assessment, Qualitative Risk analysis, Quantitative Risk analysis, Risk Assessment Compliance Perspective, Benefits of Risk Assessment.
