Week 5 - (Terms) Information Security


  • Cultural Mores - These are the fixed moral attitudes or customs of a particular group.
  • Ethics - These are the codes or principles of an individual or group that regulate and define acceptable behavior.
  • Laws - These are the set of rules that mandate or prohibit certain behavior and are enforced by the state.
  • Policies - These are the managerial directives that specify acceptable and unacceptable employee behavior in the workplace.
  • For a policy to become enforceable, it must meet the following five criteria: Dissemination, Review, Comprehension, Compliance, Uniform Enforcement.
  • Dissemination - The organization must be able to demonstrate that the relevant policy has been made readily available for review by the employee.
  • Review - The organization must be able to demonstrate that it disseminated the document in an intelligible form, including versions for employees who are illiterate, reading-impaired, and unable to read English.
  • Comprehension - The organization must be able to demonstrate that the employee understands the requirements and content of the policy.
  • Compliance - The organization must be able to demonstrate that the employee agreed to comply with the policy through act or affirmation.
  • Uniform Enforcement - The organization must be able to demonstrate that the policy has been uniformly enforced, regardless of employee status or assignment.
  • The four types of law are: Civil, Criminal, Public, and Private.
  • Civil Law - It comprises a wide variety of laws that govern a nation or state and deal with the relationships and conflicts between organizations and people.
  • Criminal Law - It addresses activities and conduct harmful to society, and is actively enforced by the state.
  • Criminal Law - This law can also be categorized as private or public.
  • Private Law - It encompasses family law, commercial law, and labor law, and regulates the relationship between individuals and organizations.
  • Public Law - It regulates the structure and administration of government agencies and their relationships with citizens, employees, and other governments.
  • Public Law - It includes criminal, administrative, and constitutional law.
  • The common compliance techniques are: Logon Banners (a specific action, like a mouse click or keystroke, to acknowledge an agreement) or a Signed Document.
  • The common review techniques are: Recording of the Policy in English and Alternate Languages.
  • The common dissemination techniques are: Hard Copy and Electronic Distribution.
  • The common comprehension techniques are: Quizzes and Other Assessments.
  • Identity Theft - It is the unauthorized taking of personally identifiable information with the intent of committing fraud and abuse of a person's financial and personal reputation, purchasing goods and services without authorization, and generally impersonating the victim for illegal or unethical purposes.
  • Personally Identifiable Information - It is the information about a person's history, background, and attributes that can be used to commit identity theft.
  • Personally Identifiable Information - This information typically includes a person’s name, address, social security number, family information, employment history, and financial information.
  • Economic Espionage Act of 1996 - This law attempts to prevent trade secrets from being illegally shared.
  • Security and Freedom through Encryption Act of 1999 - It provides guidance for the use of encryption and provides protection from government intervention.
  • U.S. Copyright Law - It extends this privilege to published works, including electronic formats.
  • U.S. Copyright Law - The fair use allows copyrighted materials to be used to support news reporting, teaching, scholarship, and similar activities, as long as the use is for educational or library purposes, is not for profit, and is not excessive.
  • Sarbanes-Oxley Act of 2002 - It is also known as SOX or the Corporate and Auditing Accountability and Responsibility Act. It is a critical piece of legislation that affects the executive management of publicly traded corporations and public accounting firms.
  • Sarbanes-Oxley Act of 2002 - The law seeks to improve the reliability and accuracy of financial reporting, as well as increase the accountability of corporate governance, in publicly traded companies.
  • Freedom of Information Act - It allows any person to request access to federal agency records or information not determined to be a matter of national security.
  • Freedom of Information Act - Agencies of the federal government are required to disclose requested information upon receipt of a written request. This requirement is enforceable in court.
  • Payment Card Industry Data Security Standards - It is designed to enhance the security of customers' account data.
  • Payment Card Industry Data Security Standards - The regulations include requirements for information security policies, procedures, and management, as well as technical software and networking specifications.
  • Payment Card Industry Data Security Standards - It was developed to encourage and enhance cardholder data security and facilitate the broad adoption of consistent data security measures globally.
  • Cybercrime Prevention Act of 2012 - Republic Act No. 10175
  • RA 10175 is a law in the Philippines that was approved on September 12, 2012.
  • RA 10175 - It aims to address legal issues concerning online interactions and the internet in the Philippines.
  • RA 10175 created the Office of Cybercrime (OOC) within the DOJ and designated it as the central authority in all matters relating to international mutual assistance and extradition for cybercrime and cyber-related matters.