INDEX

Please note that index links point to page beginnings from the print edition. Locations are approximate in e-readers, and you may need to page down one or more times after clicking a link to get to the indexed material.

A

AC-5 control (NIST SP 800-53), 113, 114

AC-6 control (NIST SP 800-53), 190

AC-7 control (NIST SP 800-53), 188–189

access controls

  defined, 4

  KPI for, 244, 246, 248

  supporting security goals, 7

accountability

  defined, 5

  KPI for audit and, 250–251

  nonrepudiation and, 6–7

acquisition phase (SDLC), 51, 147

action plans for risk response, 137

administrative controls, 184

Agile program management framework, 150–151

analyzing risk scenarios, 80

ANSI (American National Standards Institute), 199

APO (Align, Plan, and Organize) ...
