ThorTeaches.com CISSP, CISM, CC training logo

CISSP D1: Security and Risk Management

Policy Certification Authority (PCA)

Policy Certification Authority (PCA): An entity within a Public Key Infrastructure (PKI) responsible for defining, implementing, and enforcing policies and practices related to the issuance and management of digital certificates. The PCA sets standards and requirements for subordinate Certification Authorities (CAs) to ensure they operate under a common framework, maintaining the trust and reliability of […]

Policy

Policy: A set of guidelines or rules that dictate how a company or organization should handle certain situations or processes. Policies are often used to ensure compliance with regulations and to protect the security and integrity of an organization’s data and systems. Examples of policies include an employee password policy, a data retention policy, and […]

Population

Population: The total number of people or items in a specific group or area. In cybersecurity, it refers to the number of potential targets for an attack, such as the number of computers on a network or users of a particular software application.

Portfolio

Portfolio: A collection of projects, programs, sub-portfolios, and operations managed as a group to achieve strategic objectives. An organization’s technology portfolio can include a range of items such as software applications, hardware, data resources, and network infrastructure. Managing these assets in a portfolio view allows organizations to evaluate their investments comprehensively, prioritize effectively, and make […]

Personal Information Protection and Electronic Documents Act (PIPEDA)

Personal Information Protection and Electronic Documents Act (PIPEDA): The federal privacy legislation in Canada that sets out the rules for the collection, use, and disclosure of personal information in the course of commercial activities. This concept is used in the private sector, including businesses, organizations, and individuals, to protect the privacy rights of individuals and […]

Plan-Do-Check-Act (PDCA)

Plan-Do-Check-Act (PDCA): The Plan-Do-Check-Act (PDCA) cycle, also known as the Deming Wheel, is a management method used for the control and continuous improvement of processes and products. It is a fundamental principle of quality management where planning initiates change, execution implements the plan, checking measures new outcomes against expected results, and acting involves implementing successful […]