Level 36 Level 38
Level 37

526 - 540


15 words 0 ignored

Ready to learn       Ready to review

Ignore words

Check the boxes below to ignore/unignore words, then click save at the bottom. Ignored words will never appear in any learning session.

All None

Ignore?
local regulations
May impact data classification and handling such as those controlled by data protection
US Sarbanes-Oxley Act
Defines which data records must be stored and for how long.
Information may also need to be
Reclassified based on changes to its importance
prior to a product release
Details of the design, pricing and other information may be confidential and need
Another important consideration for data security is
Defining the data owner
Business information belongs to
Whoever is ultimately responsible for the business process
The data owner
Is usually responsible for determining the data classification and therefore the level of
When classifying data, the following requirements should be considered
Access and authentication,
Access and authentication
Determine access requirements including defining users profiles, access approval
Confidentiality
Determine where sensitive data are stored and how they are transmitted.
Privacy
Utilize controls to warn an affected user that his or her information is about to be used.
Availability
Determine the uptime and downtime tolerances for different data types.
Ownership and distribution
Establish procedures to protect data from unauthorized copy and distribution.
Integrity
Protect data from unauthorized changes using change control procedures and automated monitoring
Data retention
Determine retention periods and preserve specific versions of software, hardware, authentication