Security Program management and Oversight
Security Program Management and Oversight
This Domain is responsible for cyber security concepts and acronyms related to governance, risk, and compliance.
| Concept | Description |
| SLA | Service-Level Agreement |
| MOA | Memorandum of Agreement |
| MOU | Memorandum of Understanding |
| MSA | Master Service Agreement |
| WO | Work Order |
| SOW | Statement of Work |
| NDA | Non-disclosure Agreement |
| BPA | Business Partners Agreement |
| BCP | Business Continuity Plan |
| COOP | Continuity of operations |
| DRP | Disaster Recovery Plan |
| IRP | Incident Response Plan |
| IoC | Indicators of Compromise |
| AUP | Acceptable Use Policy |
| SDLC | Software Development Lifecycle |
| GDPR | General Data Protection Regulation |
| PCI DSS | Payment Card Industry Data Security Standard |
| ISO | International Organization for Standardization |
| CSA | Cloud Security Alliance |
| AV | Asset Value |
| EF | Exposure Factor |
| SLE | Single Loss Expectancy = AV × EF |
| ARO | Annualized Rate of Occurrence |
| ALE | Annualized Loss Expectancy = SLE × ARO |
| BIA | Business impact analysis |
| MTBF | Mean time between failures |
| MTTF | Mean time to failure |
| MTTR | Mean time to repair |
| RTO | Recovery time objective |
| RPO | Recovery point objective |
| Residual risk | Remaining risk after mitigation |
| Electric Meatball's Digital Garden Home | |
| Terminology📖 |