D320 (C838) Laws, Regulations, and Organizations, Exam Review. Verified.

D320 (C838) Laws, Regulations, and Organizations, Exam Review. Verified. (ISC)2 - International Information System Security Certification Consortium A security certification granting organization that has a long history of certifications that were difficult to get. This difficulty has made their certificates seen as having higher value in the industry. (ISC)2 Cloud Secure Data Life Cycle Based on CSA Guidance. 1. Create; 2. Store; 3. Use; 4. Share; 5. Archive; 6. Destroy. (SAS) 70 _____ was a recognized standard of the American Institute of Certified Public Accountants (AICPA) in response to the issues that also lead to Sarbanes-Oxley (SOX). Deprecated in 2011 by the Statement on Standards for Attestation Engagements (SSAE) No. 16. AICPA established SAS 70 and later SAAE 16. AICPA American Institute of Certified Public Accountants Organizational Normative Framework (ONF) Concepts of ISO 27034. There is only one _____ for an organization but potentially as many ANF's as applications. ASHRAE - American Society of Heating, Refrigerating and Air-Conditioning Engineers a professional association seeking to advance heating, ventilation, air conditioning and refrigeration systems design and construction. Biba an access control model designed to preserve data integrity. It has 3 goals. Maintain internal and external consistency; prevent unauthorized data modification even by authorized parties; prevent data modification by unauthorized individuals. Capability Maturity Model (CMM)