Across
- 1. The practice of protecting information, systems and assets from threats.
- 4. A model where decision-making is spread across units.
- 7. The detailed steps employees follow to apply a policy.
- 8. Setting security objectives, identifying risks and allocating resources.
- 11. The executive who leads and manages the organization’s security program.
- 14. A model where one authority makes all security decisions.
- 16. Making sure security strategies support business goals.
- 17. Using third-party providers for services such as managed security.
- 18. Directing and motivating teams to meet security objectives.
- 19. A person who oversees IT systems and implements security measures.
Down
- 2. Meeting mandatory laws, regulations and industry standards.
- 3. A person who checks systems for compliance and weaknesses.
- 5. Structuring people and resources to execute the security plan.
- 6. The chance that a threat could harm systems, data or reputation.
- 8. A high-level rule that states how an organization protects its information.
- 9. A professional who monitors networks and investigates threats.
- 10. The system of directing and controlling security decisions and accountability.
- 12. A structured set of best practices and standards for managing security.
- 13. A model combining centralized standards with local flexibility.
- 15. Monitoring security performance and making improvements.