14 Cards in this Set

  • Front
  • Back
board of directors
group of individuals who are elected by the shareholders
of a corporation to oversee the fulfillment of the corporation’s charter
chief executive officer (CEO)
has the day-to-day management responsibilities of an organization. This person is often the chairperson of the board of directors and is the highest-ranking
officer in the company.
chief financial officer (CFO)
responsible for the corporation’s account and
financial activities and the overall financial structure of the organization.
chief information officer (CIO)
responsible for the strategic use and management of information systems and technology within the organization.
chief privacy officer (CPO)
responsible for ensuring that customer, company, and employee data
are kept safe, which keeps the company out of criminal and civil courts and hopefully
out of the headlines.
chief security officer (CSO)
responsible for understanding the risks that the
company faces and for mitigating these risks to an acceptable level. Responsible
for understanding the organization’s business drivers and for creating and maintaining
a security program that facilitates these drivers, along with providing security,
compliance with a long list of regulations and laws, and any customer expectations or
contractual obligations.
security steering committee
responsible for making decisions on tactical and
strategic security issues within the enterprise as a whole and should not be tied to one
or more business units. The group should be made up of people from all over the organization
so they can view risks and the effects of security decisions on individual departments
and the organization as a whole.
audit committee
should be appointed by the board of directors to help it review and
evaluate the company’s internal operations, internal audit system, and the transparency
and accuracy of financial reporting so the company’s investors, customers, and creditors
have continued confidence in the organization.
Data owner
Individual responsible for the protection and
classification of a specific data set.
Data custodian
Individual responsible for implementing and
maintaining security controls to meet security requirements outlined
by data owner.
Separation of duties
Preventive administrative control used to ensure
one person cannot carry out a critical task alone.
Two or more people working together to carry out
fraudulent activities.
Rotation of duties
Detective administrative control used to uncover
potential fraudulent activities.
Mandatory vacation
Detective administrative control used to uncover
potential fraudulent activities by requiring a person to be away from
the organization for a period of time.