©PREP4EXAMS 2024/2025 REAL EXAM DUMPS Tuesday, August 6, 2024 10,57 AM
CRISC - Terms and Definitions Study Guide
Access control - Answer✔️✔️-The processes, rules and deployment mechanisms
that control access to information systems, resources and physical access to
premises
Access rights - Answer✔️✔️-The permission or privileges granted to users,
programs or workstations to create, change, delete or view data and files within a
system, as defined by rules established by data owners and the information security
policy
Accountability - Answer✔️✔️-The ability to map a given activity or event back to
the responsible party
Advanced persistent threat (APT) - Answer✔️✔️-An adversary that possesses
sophisticated levels of expertise and significant resources which allow it to create
opportunities to achieve its objectives using multiple attack vectors (NIST SP800-
160l)
Application controls - Answer✔️✔️-The policies, procedures and activities designed
to provide reasonable assurance that objectives relevant to a given automated
solution (application) are achieved
Architecture - Answer✔️✔️-Description of the fundamental underlying design of the
components of the business system, or of one element of the business system (e.g.,
technology), the relationships among them, and the manner in which they support
enterprise objectives
Asset - Answer✔️✔️-Something of either tangible or intangible value worth
protecting, including people, information,
infrastructure, finances and reputation
Asset value - Answer✔️✔️-The value of an asset is subject to many factors including
the value to both the business and to competitors. An asset may be valued
according to what another person would pay for it, or by its measure of value to the
company. Asset value is usually done using a quantitative (monetary) value
Authentication - Answer✔️✔️-The act of verifying identity, i.e., user, system,
service
Availability - Answer✔️✔️-Ensuring timely and reliable access to and use of
information to authorised entities
Awareness - Answer✔️✔️-Being acquainted with, mindful of, conscious of and well
informed on a specific subject, which implies
Balanced scorecard (BSC) - Answer✔️✔️-A coherent set of performance measures
organized into four categories that includes traditional financial measures, but adds
customer, internal business process, and learning and growth perspectives
Business case - Answer✔️✔️-Documentation of the rationale for making a business
investment, used both to support a business decision on whether to proceed with
the investment and as an operational tool to support management of the investment
through its full economic life cycle
Business continuity - Answer✔️✔️-Preventing, mitigating and recovering from
disruption
Business continuity plan (BCP) - Answer✔️✔️-A plan used by an enterprise to
respond to disruption of critical business processes. Depends on the contingency
plan for restoration of critical systems
Business goal - Answer✔️✔️-The translation of the enterprise's mission from a
statement of intention into performance targets and results
Business impact - Answer✔️✔️-The net effect, positive or negative, on the
achievement of business objectives