( 43) ___________ refers to the degree of risk an organization is willing to accept.
( 44) To which sector does the Gramm-Leach-Bliley Act apply primarily?
( 45) To protect information systems and assess risk, NIST standards describe inventorying hardware and software, categorizing risk levels, and which controls to apply, among others. One standard involves certification and accreditation. What is the purpose of this process?
( 46) Which compliance law concept states that individuals should know what information about them is being collected and should be told how that information is being used?
( 47) Which law applies to educational institutions and protects students’ records?
( 48) Which of the following is not a key component that must be covered in an organization’ s security policy for CIPA compliance?