Centraleyes’s Glossary

A-Z guide to commonly used cybersecurity terms and phrases
 

What is Discretionary Access Control (DAC)? Discretionary Access Control (DAC) is one of the simplest and most flexible access control
What is CDI (Covered Defense Information)? Covered Defense Information (CDI) refers to unclassified information that requires protection due to its
What is AI Secure Development? AI secure development means ensuring security is part of the AI development process from the
What is an Approved Scanning Vendor? An Approved Scanning Vendor (ASV) is a company or organization that has been certified
law enforcement security
Not all sensitive information is classified at the highest levels in the law enforcement sector. Some of it falls into
The Content Delivery & Security Association (CDSA) has long been a cornerstone in the media and entertainment industries. It ensures
A Report on Compliance (ROC) is a detailed document that outlines an organization’s adherence to the Payment Card Industry Data
What is an OT Cyber Risk Framework? An OT Cyber Risk Framework is a structured approach designed to identify, assess,
unified privacy framework
Navigating today’s U.S. privacy regulations is like trying to solve a Rubik’s Cube without a handbook. Except instead of matching
Data Subprocessor
What is a Data Subprocessor? A Data Subprocessor is a third party engaged by a Data Processor to assist with
Threat-Based Risk Assessment
What is a Threat-Based Risk Assessment? Threat-Based Risk Assessment is an approach that incorporates real-time threat intelligence into the risk
Semi-Quantitative Risk Assessment
Various methodologies are employed to identify, evaluate, and mitigate risks. Among these methodologies, semi-quantitative risk assessment combines elements of both
Vulnerability-Based Risk Assessment
What is Vulnerability-Based Risk Assessment? A vulnerability-based risk assessment is a structured process designed to identify, evaluate, and address vulnerabilities
Risk Management Strategy
What is a Risk Management Strategy? A risk management strategy is a structured approach to identifying, assessing, and mitigating risks
Authorization to Operate (ATO)
What is an ATO? An ATO is a hallmark of approval that endorses an information system for use within a
StateRAMP
What is StateRAMP? In 2011, the Federal Risk and Authorization Management Program (FedRAMP) laid the groundwork for a standardized assessment
Segregation of Duties
What is the Segregation of Duties? Segregation of duties (SoD) is like a game of checks and balances in the
PCI Penetration Testing
The March 31, 2024, deadline for PCI 4.0 has already passed, and organizations must be updated with the new regulation.
Due Diligence Questionnaire
What is a Due Diligence Questionnaire (DDQ)? When companies evaluate a potential vendor or M&A transaction, they’ll use due diligence
Key Risk Indicator
What is a Key Risk Indicator? According to Cobit 5, KRIs are metrics that provide insight into an enterprise’s level
AI Policy
What are AI Policies? AI policies serve as a guiding framework for organizations, delineating the principles, guidelines, and procedures governing
TISAX
What is TISAX? TISAX is a standard evaluation and exchange process for the automotive industry. It uses the ISA security
COPPA
The Children’s Online Privacy Protection Act (COPPA) is a federal law in the United States that safeguards children’s online privacy.
AI Risk Management
Advancements in generative AI technologies, such as GPT-3 and DALL·E, have accelerated global AI adoption. While businesses implement AI to
AI Auditing
What is an AI Audit? AI audits determine whether an AI system and its supporting algorithms follow secure, legal, and
Data Exfiltration
What Is Data Exfiltration? Data exfiltration is the unauthorized removal or moving of data from or within digital devices. Data
Data Sovereignty
What is Data Sovereignty? Data sovereignty asserts that digital data is subject to the laws of the country in which
Control Objectives for Information and Related Technologies (COBIT)
What is Control Objectives for Information and Related Technologies (COBIT)? COBIT 5, developed by the Information Systems Audit and Control
Audit Management Software
What is Audit Management Software? Audit management software is the cornerstone of organizations’ efficient audit oversight, governance, and procedural management.
Vendor Framework
What is a Vendor Framework? In today’s turbo-charged business world, we’re all about connections, which means relying on third-party vendors