One of the first components of risk identification is identification, inventory, and categorization of assets, including all elements, or attributes, of an organization's information system. List and describe these asset attributes.
What will be an ideal response?
People comprise employees and nonemployees.?Procedures fall into two categories: IT and business standard procedures, and IT and business-sensitive procedures.?Data components account for the management of information in all its states: transmission, processing, and storage.?Software components are assigned to one of three categories: applications, operating systems, or security components.?Hardware is assigned to one of two categories: the usual systems devices and their peripherals, and the devices that are part of information security control systems.?Hardware components are separated into two categories: devices and peripherals, and networks.
You might also like to view...
The Quick Access Toolbar can be customized
Indicate whether the statement is true or false
Precise control for moving selected objects on a form is accomplished by using the ____________________ keys on the keyboard.
Fill in the blank(s) with the appropriate word(s).
To see additional table styles, click the Table Styles ____ button.
A. Plus B. Advanced C. Extras D. More
The __________ strategy is the choice to do nothing to protect a vulnerability and to accept the outcome of its exploitation.
A. defense B. transference C. mitigation D. acceptance