Page 181 - DCAP309_INFORMATION_SECURITY_AND_PRIVACY
P. 181

Unit 12: Security Metrics and Privacy




          Information Security: Management and technology programs to defend the organization from  Notes
          improper risks to the organization’s information possessions.
          Information Systems: The computer systems and information sources accessed by an organization
          to sustain its day-to-day operations.
          Integrity: The  property that  data or information  have not  been  tainted or  damaged in  an
          unauthorized manner.
          Licensee: A human being or entity that applies for or obtains a license, certificate, registration, or
          similar authority from the Department to carry out or conduct a service, activity, or function.

          Malicious Software: Software, for instance, a virus, intended to damage or disrupt a system.
          Password: Confidential authentication information included a string of characters.
          Physical Safeguards: Physical measures, policies and procedures to defend a covered entity’s
          electronic information systems and connected buildings  and equipment,  from natural and
          environmental hazards and unauthorized intrusion.
          Privacy: An  individual’s or  organization’s right to establish  whether, when and to  whom
          personal or organizational information is released.
          Privacy Rights: The particular actions that an individual can take or demand to be taken with
          regard to the uses and revelation of their information.
          Protected Information: Any participant or customer information that the Department may have
          in its records or files that must be safeguarded pursuant to Department policy. This involves but
          is not restricted to “individually identifying information”.
          Server: A server is a computer system, or a set of procedures on a computer system offering
          services to clients across a network.
          User: A person or entity with certified access.
          Vulnerability: Vulnerability is the survival of a weakness, design, or execution error that can
          lead to  an unexpected, undesirable event negotiating the security of the system,  network,
          application, or protocol concerned.
          Worm: A computer program, which replicates itself and is self-propagating. Worms, as conflicting
          to viruses, are meant to generate in network surroundings.

          Self Assessment

          Fill in the blanks
          13.  ........................... is a human being or entity that applies for or obtains a license, certificate,
               registration, or similar authority from the Department to carry out or conduct a service,
               activity, or function.

          14.  ........................... is a computer system that offers a way of sharing and working on files
               accumulated on the system among users with use to these files over a network.

          12.9 Information Privacy Principles (IPPs)

          There are ten Information Privacy Principles (IPPs) which cover the entire life cycle of information
          from compilation and handling to storage and removal. The IPPs direct how this Department
          should manage personal information. We will require to be maximize our practices in line with
          the IPPs  and beside our particular work context  to determining  whether existing  practice




                                           LOVELY PROFESSIONAL UNIVERSITY                                   175
   176   177   178   179   180   181   182   183   184   185   186