{tableName=glossary, name=Strategic Risk, description=
Strategic risk is the risk that an organization takes when it makes strategic decisions, such as entering a new market, introducing a new product, or changing its business model. This type of risk is associated with uncertainty and the potential for losses due to unexpected events or changes in the external environment. Strategic risk can include a wide range of risks, such as financial, operational, legal, reputational, and political risks. Strategic risk management involves identifying, assessing, and managing the risks associated with strategic decisions. Risk management strategies can include developing contingency plans, diversifying investments, and implementing risk mitigation measures. Strategic risk management is an important part of any organization’s overall risk management strategy., topic=null, hs_path=strategic-risk}--
{tableName=glossary, name=Information Security Management System (ISMS), description=
An Information Security Management System (ISMS) is a comprehensive set of policies, procedures, controls, and technologies used to protect sensitive information from unauthorized access, use, disclosure, destruction, or modification. It is designed to ensure the confidentiality, integrity, and availability of data and systems, as well as to protect against threats such as malicious attacks, natural disasters, and human error. An ISMS typically includes risk assessments, security policies and procedures, technical controls, and user awareness training. It is important for organizations to create and maintain an effective ISMS to ensure the security of their data and systems., topic=[{id=97620570504, createdAt=1673040885302, updatedAt=1715750255339, path='information-security-management-system', name='
ISMS Guide: Info Security Mgmt System Overview', 1='{type=string, value=Information Security Management System (ISMS)}', 2='{type=string, value=
This authoritative guide provides a comprehensive overview of Information Security Management Systems (ISMS). It covers the fundamentals of ISMS, as well as best practices for implementing an effective ISMS. It also}', 5='{type=string, value=This guide provides a comprehensive overview of Information Security Management Systems (ISMS), which are designed to protect organizations from the risks for which information security, cybersecurity and privacy protection are required. It covers the fundamentals of ISMS, including the components of an ISMS, the process of implementing an ISMS, and the various requirements and standards associated with ISMS. It also covers the different types of security threats, the best practices for mitigating them, and the importance of having a robust ISMS in place. Finally, this guide provides practical advice on how to design and implement an effective ISMS, as well as how to maintain it over time. With this guide, readers will gain a deeper understanding of how to protect their organizations from cyber threats and ensure their data is secure.}', 15='{type=list, value=[{id=97620570504, name='Information Security Management System (ISMS)'}]}'}], hs_path=information-security-management-system-isms}--
{tableName=glossary, name=Data Asset, description=
A data asset is any structured or unstructured data that has value to an organization. Data assets are typically used to inform decisions, build products, and discover insights. Data assets can include customer data, financial data, operational data, and any other data that is important to an organization. Data assets can be stored in databases, spreadsheets, or other formats, and can be accessed through applications, analytics tools, or other means. Data assets are usually managed and maintained by data analysts, data scientists, or other data professionals. Data assets are valuable resources that can help organizations become more efficient, competitive, and profitable., topic=null, hs_path=data-asset}--
{tableName=glossary, name=GDPR Risk Assessment, description=
GDPR Risk Assessment is a comprehensive, systematic and documented process of evaluating the potential risks associated with the collection, storage, and processing of personal data under the General Data Protection Regulation (GDPR). This assessment is designed to identify, analyze, and document any risks to the privacy and security of personal data that may exist within a company's data processing activities. The assessment also includes an evaluation of the measures taken to mitigate or eliminate any identified risks. The GDPR Risk Assessment should be conducted by a qualified professional and should include the following steps: (1) Identifying the data processing activities that are subject to the GDPR; (2) Identifying any potential risks associated with the data processing activities; (3) Evaluating the measures taken to mitigate or eliminate the identified risks; (4) Documenting the assessment findings; and (5) Developing a plan of action to address any remaining risks. The GDPR Risk Assessment should be reviewed and updated regularly to ensure that any changes in the data processing activities are taken into account and that any new risks are identified and addressed., topic=null, hs_path=gdpr-risk-assessment}--
{tableName=glossary, name=GDPR Data Governance, description=
GDPR Data Governance is the set of policies, procedures, and processes that organizations use to ensure that their data is collected, stored, used, and shared in accordance with the European Union’s General Data Protection Regulation (GDPR). It is designed to protect the privacy of individuals and their personal data, as well as to ensure that organizations are compliant with the GDPR’s requirements. GDPR Data Governance includes processes such as data mapping and inventory, risk assessments, data protection impact assessments, data security policies, data retention and deletion policies, data breach notification procedures, and training and awareness programs. It also includes establishing roles and responsibilities for data protection, such as appointing a Data Protection Officer and establishing a Data Protection Team. GDPR Data Governance is essential for organizations to ensure that they are compliant with the GDPR and to protect the privacy of their customers and employees., topic=null, hs_path=gdpr-data-governance}--
{tableName=glossary, name=ISO/IEC 27000, description=
ISO/IEC 27000 is a family of international standards developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) that provide best practice guidelines for information security management. It is designed to help organizations ensure the confidentiality, integrity, and availability of their information assets. The standards cover a wide range of topics, including risk management, access control, physical and environmental security, asset classification, personnel security, and incident management. They provide guidance on how to design, implement, and maintain an effective information security management system (ISMS). The standards also provide a framework for organizations to assess their security posture and identify potential areas for improvement. The ISO/IEC 27000 family of standards is widely recognized and adopted by organizations around the world., topic=[{id=97620570516, createdAt=1673040885379, updatedAt=1715624504033, path='iso-27000', name='
ISO 27000 Guide: Security Management System Overview', 1='{type=string, value=ISO 27000}', 2='{type=string, value=
This guide is designed to help you understand the fundamentals of ISO 27000, the international standard for Information Security Management Systems. Learn how to create a secure framework to protect your data and assets.}', 5='{type=string, value=This authoritative guide provides an in-depth overview of the International Organization for Standardization (ISO) 27000 Series, which is a set of standards focused on information security management. The guide covers the essential elements of the ISO 27000 Series, including the different standards and their objectives, the implementation process, and best practices for security management. It also provides practical advice and guidance for organizations looking to adopt the ISO 27000 Series and ensure their information security management is up to the highest standards. With this guide, readers will gain a better understanding of the ISO 27000 Series and how to effectively implement and manage security within their organization.}', 15='{type=list, value=[{id=97620570516, name='ISO 27000'}]}'}], hs_path=iso-iec-iec-27000}--