The FREE Cybersecurity Glossary by Thor Pedersen!

Information systems audit: An information systems audit is a systematic review and evaluation of an organization's information systems, practices, operations, and related controls. Conducted by internal or external auditors, these audits aim to verify the reliability and integrity of IT systems, ensure compliance with policies and regulations, and detect any breaches or security risks. Audits can cover areas such as network security, system integrity, and data management.

Information Systems Security (INFOSEC): The practice of protecting information systems from unauthorized access, use, disclosure, disruption, modification, or destruction. It is used in organizations to ensure the confidentiality, integrity, and availability of information assets. Examples - encryption, access control, and intrusion detection.

Information Systems Security Manager (ISSM): A person who is responsible for managing the information security program of an organization. It is used in organizations to ensure that information security policies and procedures are implemented and followed. Examples include overseeing security training for employees, conducting security assessments, and responding to security incidents.

Information Systems Security Officer (ISSO): A person who is responsible for implementing and maintaining information security controls for a specific information system. It is used in organizations to ensure that the information system is secure and compliant with information security policies and regulations. Examples - implementing access controls, conducting security audits, and providing security guidance to system users.

Information Technology (IT): Information Technology (IT) involves the use of computers, networking, and other physical devices to manage and process data. IT is integral to modern businesses, providing tools for data analysis, infrastructure management, and digital communications. Cybersecurity is a critical aspect of IT, protecting data from threats like hacking and breaches. With technology's rapid evolution, IT is constantly adapting and adopting innovative practices and systems such as cloud computing, artificial intelligence, and the Internet of Things (IoT). IT professionals work to maintain operational efficiency, ensure data integrity, and foster technological growth within organizations.

Information Technology Security Evaluation Criteria (ITSEC): A set of standards and guidelines used to evaluate the security of information technology products and systems. It is used in organizations to ensure that the information technology they use is secure and compliant with information security standards. Examples - functional and assurance requirements, security targets, and evaluator qualifications.