ISMS

Operation ; Performance evaluation ; Improvement ; Management responsibility

Context of the organization; Leadership ; Planning ; Support

Leadership ; Establish the ISMS ; Planning ; Support

Management responsibility ; Planning ; Support; Context of the organization

CDPA

CPDA

PDCA

DPCA

Business data that is valuable to the organization

Availability of personal data to unauthorized entities

Set of measures that ensure protection of PII from unauthorized access, disclosure, modification, or destruction.

All the above are correct

Nonavailability of Email server owing to monthly maintenance

Unavailability of network due to bandwidth bottlenecks

Accidental deletion of program files by a software programmer

All the above are security incidents

A good understanding of the information security requirements, risk assessment, and risk management

Visible support and commitment from all levels of management

Information security policy, objectives, and activities that reflect business objectives

External security consultants or technical experts

Threat

Vulnerability

Informational asset

All of above

Risk Acceptance

Risk Avoidance

Risk Transfer

Risk Appetite

Preservation of confidentiality, integrity and availability of information

Detecting, reporting and preventing network and data security breaches

Summary of Risk controls applicable for the organization including justification for inclusions and exclusion.

None of the above