Established rules on how consumers and their information should be handled during an e-commerce transaction.

The laws that set expectations on how your personal information should be protected and limits place on how the data should be shared.

1. Information that supports a conclusion. 2. Material presented to a regulator to show compliance.

Information security risk assessment

A formal process to identify threats, potential attacks, and impacts to an organization.

Information Technology and Infrastructure Library (ITIL)

A framework that contains a comprehensive list of concepts, practices, and processes for managing IT services.

Software that blocks access to specific sites on the Internet.

The practice of agreeing to use of personal information beyond its original purpose. An example of opt-in is asking a consumer who just sold his or her home if the real-estate company can share the consumer’s information with a moving company.

The practice of declining permission to use personal information beyond original purpose. Ex: a consumer who just sold his or her home may decline permission for the real estate company to share his or her information with a moving company.

Payment Card Industry Data Security Standard (PCI DSS)

A worldwide information security standard that describes how to protect credit card information. If you accept Visa, MasterCard, or American Express, you are required to follow PCI DSS.

In e-commerce, broadly deals with how personal information is handled and what it used for.

Security control mapping

When related to compliance, it’s the mapping of regulatory requirements to policies and controls.

A person who buys stock in a company (investor).

Statement on Auditing Standard 70 (SAS 70)

A widely accepted auditing standard created by the American Institute of Certified Public Accountants (AICPA). A SAS 70 audit examines an organization’s control environment. This usually includes an audit of the information security controls.

Help

Options

focusNode

Didn't know it?
click below

Knew it?
click below

Don't Know

Remaining cards (0)

Know

retry

shuffle

restart

0:00

Embed Code - If you would like this activity on your web page, copy the script below and paste it into your web page.

Normal Size Small Size show me how

CSCI340 Johnson Ch3

Term	Definition
Consumer rights	Established rules on how consumers and their information should be handled during an e-commerce transaction.
Data privacy	The laws that set expectations on how your personal information should be protected and limits place on how the data should be shared.
Evidence	1. Information that supports a conclusion. 2. Material presented to a regulator to show compliance.
Information security risk assessment	A formal process to identify threats, potential attacks, and impacts to an organization.
Information Technology and Infrastructure Library (ITIL)	A framework that contains a comprehensive list of concepts, practices, and processes for managing IT services.
Internet ﬁlters	Software that blocks access to specific sites on the Internet.
Opt-in	The practice of agreeing to use of personal information beyond its original purpose. An example of opt-in is asking a consumer who just sold his or her home if the real-estate company can share the consumer’s information with a moving company.
Opt-out	The practice of declining permission to use personal information beyond original purpose. Ex: a consumer who just sold his or her home may decline permission for the real estate company to share his or her information with a moving company.
Payment Card Industry Data Security Standard (PCI DSS)	A worldwide information security standard that describes how to protect credit card information. If you accept Visa, MasterCard, or American Express, you are required to follow PCI DSS.
Personal privacy	In e-commerce, broadly deals with how personal information is handled and what it used for.
Security control mapping	When related to compliance, it’s the mapping of regulatory requirements to policies and controls.
Shareholder	A person who buys stock in a company (investor).
Statement on Auditing Standard 70 (SAS 70)	A widely accepted auditing standard created by the American Institute of Certified Public Accountants (AICPA). A SAS 70 audit examines an organization’s control environment. This usually includes an audit of the information security controls.

Created by: 1607686264

Popular Computers sets

Definitions for Word Processing and the main parts of the MS Word 2010 window

WP Page Formatting

WP Paragraph Formatting terms

Review business letter parts

Review the three paragraph formats (block, indented, hanging indent)

WP font formatting features in Word 2010

Arkansas CBA unit 1 Hardware

"Know" box contains:
Time elapsed:
Retries: