1. What is IT Security Governance?
2. What should governance activities (commonly) gauge?
3. Who is responsible for information security and why?
4. List all steps of the Nine-Step Risk Process.
5. List all general categories of threats and provide examples of each.
6. What is vulnerability identification?
7. List the likelihood levels and provide definitions.
8. What are the general categories of impacts? Provide an example for each.
9. ITIL identifies three areas that need to be considered; identify and briefly describe each one of them.
10. What are the things to consider when selecting technical controls?
11. What is BAA?
12. List and briefly describe the key regulatory requirements.