X hits on this document

Powerpoint document

HHS Cybersecurity Program Training Information Security for Information Technology (IT) Administrato... - page 154 / 158





154 / 158

U.S. Department of Health and Human Services


System Owner - An individual responsible for the proper technical and business functioning of an IT system. System owners have ultimate authority over the operation and maintenance of an IT system. System owners work with system managers and business managers to ensure that the system is providing the automation support required to perform their functions.

Security Plan – Formal document that provides an overview of the security requirements for an information system or an information security program and describes the security controls in place or planned for meeting those requirements.

Technical Controls - System security safeguards that are primarily implemented and executed by the system through mechanisms contained in the hardware, software, or firmware components of the system.

Threat - Any circumstance, event, or act that could cause harm by destroying, disclosing, modifying, or denying service to information resources.

Vulnerability - A weakness in an information system, system security procedures, internal controls, or implementation that could be exploited or triggered by a threat source.

Security Controls - The management, operational, and technical safeguards and countermeasures prescribed for an information system to protect the confidentiality, integrity, and availability of the system and its information.

Senior Official for Privacy (SOP) – The senior official within HHS responsible for Department-wide Adherence to the Privacy Act of 1974.

Document info
Document views605
Page views605
Page last viewedMon Jan 23 00:32:21 UTC 2017