... "permitted, accepted and/or agreed by management or some other authority as being in the best interests of the organisation, the workforce, the stakeholders or society at large" [source: SecAware glossary]
... ideally formalised and explicitly documented, providing evidence
... the opportunity to check a proposed course of action
... deciding what should or should not be permitted
... deciding who should or should not be permitted
... one means of issue, incident or error detection
... often informal, implicit and undocumented
... usually manual, sometimes automated
... the acquisition of privileges and rights
... only effective if actually checked
... (mis)spelled with a zee
... a management process
... a governance approach
... the removal of barriers
... the point of no return
... authority to proceed
... a mere formality
... a delaying tactic
... a business issue
... a policy matter
... the green light
... discretionary
... empowering
... sanctioning
... go ahead
... approval
... red tape
...
Previous pontifications:
- Accountability is ...
- Assurance is ...
- Audit is ...
- Control is ...
- Cyber is ...
- Fragility is ...
- Governance is ...
- Impact is ...
- Information is ...
- ISO27k is ...
- Oversight is ...
- Resilience is ...
- Responsibility is ...
- Risk is ...
- Security is ...
- System is ...
- Threat is ...
- Trust is ...
- Vulnerability is ...
No comments:
Post a Comment
The floor is yours ...