Sensitivity
Sensitivity: The quality or measure of the potential impact that could result from unauthorized access, modification, or loss of data. It is often determined by legal, ethical, or business requirements and is used to guide decisions around the level of security controls that should be applied to protect specific types of data. Higher sensitivity information […]
Separation of Duties (SoD)
Separation of Duties (SoD): A risk management strategy designed to prevent fraud and error by dividing critical tasks and functions among multiple individuals or teams. The goal of SoD is to ensure that no single person can complete a high-risk task alone, thereby reducing the potential for malicious activity or unintentional errors. SoD is often […]
Security governance
Security governance: The overarching structure, principles, and procedures that define and guide an organization’s approach to managing security risks. Security governance encompasses the roles and responsibilities of various stakeholders, policy creation and enforcement, compliance management, and alignment of security objectives with business goals. Effective security governance ensures that all aspects of security are addressed in […]
Security policy
Security policy: A set of comprehensive guidelines that dictate how an organization manages and protects its information and IT resources. Security policies are the backbone of an organization’s security infrastructure, outlining user responsibilities, acceptable use, and the protocols for responding to security incidents.
Security standards
Security standards: Established guidelines and specifications designed to maintain information security and provide a baseline for implementing cybersecurity measures. Standards such as ISO/IEC 27001 help organizations protect assets, comply with regulations, and foster trust with stakeholders.
SEC (Securities and Exchange Commission)
SEC (Securities and Exchange Commission): A U.S. government agency that regulates the securities industry and oversees the stock and options exchanges. The SEC is responsible for enforcing federal securities laws and protecting investors from fraudulent or misleading practices. For example, the SEC might investigate a company for insider trading or issuing false financial statements.