{tableName=comparison, name=APRA CPS 234 vs NIST SP 800-53, description=APRA CPS 234 and NIST SP 800-53 are cybersecurity standards that provide guidance on how to protect information systems from cyber threats. , topic=[{id=97620570527, createdAt=1673040885446, updatedAt=1715624228283, path='apra-cps-234', name='
APRA CPS 234 Guide: Cyber Security Requirements', 1='{type=string, value=APRA CPS 234}', 2='{type=string, value=
This guide provides a comprehensive overview of APRA CPS 234, the Australian Prudential Regulation Authority's (APRA) requirements for information security management. Learn how to protect your organisation's data}', 5='{type=string, value=The APRA CPS 234 Guide provides authoritative guidance to help organizations implement effective cybersecurity strategies. Written by the Australian Prudential Regulation Authority (APRA), this guide outlines the essential elements of a cyber security framework and outlines best practices for protecting data and systems from cyber threats. It provides detailed guidance on how to assess risk, implement safeguards, and respond to cyber incidents. The guide also includes information on how to develop policies and procedures, educate staff, and monitor cyber security performance. With this guide, organizations can ensure that their systems are secure and their data is protected.}', 15='{type=list, value=[{id=97620570527, name='APRA CPS 234'}]}'}], hs_path=apra-cps-234-vs-nist-sp-800-53}--
{tableName=glossary, name=Association of International Certified Professional Accountants (AICPA), description=
The Association of International Certified Professional Accountants (AICPA) is an organization that represents the global accounting profession. It is the world’s largest accounting body, with more than 650,000 members in over 130 countries. Its members include CPAs, Chartered Professional Accountants (CPAs) and Certified Management Accountants (CMAs). The AICPA sets the ethical and technical standards for the accounting profession, and provides guidance and resources to help its members stay current on changes in the profession. It also offers educational and certification programs, such as the CPA Exam and the CMA Exam, as well as continuing professional education. The AICPA also advocates for the profession and works to promote the public interest by advocating for sound financial reporting and disclosure, and by advocating for the protection of the public’s financial interests. It also works to ensure that the public has access to accurate and reliable financial information., topic=null, hs_path=association-of-international-certified-professional-accountants-aicpa}--
{tableName=glossary, name=ISO/IEC 27001 2005, description=
ISO/IEC 27001:2005 is an international standard for information security management systems (ISMS). It provides a framework for organizations to identify, assess, and manage the security risks associated with their information systems, and to protect the confidentiality, integrity, and availability of their information assets. The standard is based on a risk management approach, and is designed to help organizations protect their information assets from unauthorized access, use, disclosure, modification, or destruction. It also provides guidance on how to implement, maintain, and assess the effectiveness of an ISMS. The standard is applicable to all types of organizations, regardless of size, type, or sector. It is intended to be used in conjunction with other information security standards and guidelines, such as ISO/IEC 27002 and ISO/IEC 27005., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1716010651854, path='iso-27001', name='
ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=
This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management Systems (ISMS) associated with information security, cybersecurity and privacy protection.
Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.
This guide is an essential resource for anyone looking to understand and implement ISO 27001.
}', 15='{type=list, value=[{id=97620570500, name='ISO 27001'}]}'}], hs_path=iso-iec-27001-2005}--
{tableName=glossary, name=ISO/IEC 27102, description=
ISO/IEC 27102 is an international standard for privacy information management systems (PIMS) developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). This standard is designed to provide organizations with a framework for developing and implementing a comprehensive privacy program that will protect personal data. The standard provides guidance on the collection, processing, storage, use, disclosure, and disposal of personal data. It also provides guidance on the development of policies and procedures to ensure that organizations are compliant with applicable privacy laws and regulations. The standard includes requirements for the protection of personal data, such as the establishment of a privacy impact assessment (PIA) process, the development of privacy policies and procedures, and the implementation of privacy management systems. In addition, it provides guidance on the use of privacy enhancing technologies (PETs) and the development of privacy education and awareness programs., topic=null, hs_path=iso-iec-27102}--
{tableName=glossary, name=Risk Reduction, description=
Risk Reduction is a process that seeks to reduce the probability and/or impact of an adverse event or outcome. It involves identifying risks and then taking steps to reduce or eliminate them. Risk reduction can be achieved through a variety of strategies, including avoidance, control, transfer, and/or acceptance. Avoidance means eliminating or avoiding the risk altogether. Control involves taking steps to reduce the likelihood of the risk occurring or the severity of its consequences. Transferring the risk involves transferring the responsibility for dealing with the risk to another party. Finally, risk acceptance means accepting the risk and its consequences and taking steps to minimize their impact. Risk reduction is an important component of any successful risk management program., topic=[{id=97620570509, createdAt=1673040885334, updatedAt=1715624292575, path='enterprise-risk-management', name='
Enterprise Risk Management Guide: A Comprehensive Guide', 1='{type=string, value=Enterprise Risk Management}', 2='{type=string, value=
This guide provides an overview of Enterprise Risk Management and its processes, enabling you to develop a risk management strategy and plan for your organization. Learn how to identify, assess, and mitigate risks.}', 5='{type=string, value=This authoritative guide provides an overview of enterprise risk management (ERM) and its essential components. It is designed to help business leaders understand the fundamentals of ERM and develop the skills and knowledge needed to effectively manage risk in their organizations. The guide begins by defining ERM and outlining its main objectives. It then examines the key elements of ERM, including risk identification, assessment, and management. It also covers the importance of risk culture and the role of technology in ERM. Finally, the guide provides best practices for implementing and maintaining an effective ERM program. With this guide, business leaders will gain the knowledge and tools needed to effectively manage risk in their organizations.}', 15='{type=list, value=[{id=97620570509, name='Enterprise Risk Management'}]}'}], hs_path=risk-reduction}--
{tableName=glossary, name=ISO/IEC 27001 Lead Auditor, description=
ISO/IEC 27001 Lead Auditor is an individual who has been trained and certified to audit and evaluate an organization’s Information Security Management System (ISMS) against the ISO/IEC 27001 standard. The auditor is responsible for understanding the requirements of the standard, assessing the organization’s ISMS, and providing assurance that the ISMS meets the requirements of the standard. The Lead Auditor is expected to develop an audit plan, conduct the audit, and provide a report of the findings. The Lead Auditor is expected to have a deep understanding of the standard and the organization’s ISMS and must be able to demonstrate the ability to analyze and interpret the results of the audit. The Lead Auditor must also have the skills to communicate effectively with the organization’s management and staff, and to make recommendations for improvement., topic=[{id=97620570500, createdAt=1673040885276, updatedAt=1716010651854, path='iso-27001', name='
ISO 27001 Guide: A Comprehensive Guide', 1='{type=string, value=ISO 27001}', 2='{type=string, value=This guide provides a comprehensive overview of the ISO 27001 standard, including the requirements, implementation, and certification. Learn how to ensure your organization's information security is up to date and compliant.}', 5='{type=string, value=
This guide provides an authoritative and detailed overview of the ISO/IEC 27001 standard, which defines the requirements for an Information Security Management Systems (ISMS) associated with information security, cybersecurity and privacy protection.
Learn about the purpose and scope of the standard, the key requirements for an ISMS, how to implement and maintain an ISMS, how to establish an effective security risk management program, how to develop and implement security policies, how to implement controls to protect information and services and how to audit and review systems to ensure they meet the requirements of the standard.
This guide is an essential resource for anyone looking to understand and implement ISO 27001.
}', 15='{type=list, value=[{id=97620570500, name='ISO 27001'}]}'}], hs_path=iso-iec-27001-lead-auditor}--
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77