INDEX
access control (AC)
based on need to know 155
defined xxv
failures/vulnerabilities 60, 140–3
NIST SP 800-53 Revision 4 controls 162
user accounts 188
accountability 19
of ICT systems 119
see also certification
active content 139
administrative privileges, control of 154, 188
AIRMIC (Association of Insurance and Risk Managers) 194, 203
application software
interdependencies 133
resilience 98
security 153
see also software
asset management controls 157
assets
return of 149
see also information assets
asynchronous replication 96
attacks
denial of service attacks 17
Get Information Risk Management: A practitioner’s guide now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.