True False QUESTION 18 In order for security policies to be HIPAA compliant


True
False

QUESTION 18
In order for security policies to be HIPAA-compliant, they must include the following three key control requirements: administrative safeguards, physical safeguards, and technical safeguards.
2 points

QUESTION 19
In order to be compliant with the NIST publications, policies must include key security control requirements. One of these key requirements includes certification and accreditation, which is a process that occurs after the system is documented, controls tested, and risk assessment completed. It is required before going live with a major system. Once a system is certified and accredited, responsibility shifts to the owner to operate the system.
2 points

QUESTION 20
Of the types of U.S. compliance laws, there are a number of laws that are designed to provide confidence in the markets. _______________ are the beneficiaries of these laws.
2 points

QUESTION 21
The Committee of Sponsoring Organizations (COSO) is an endorsed framework that companies commonly use to meet SOX 404 requirements. Formerly known as the Information Systems Audit and Control Association, this framework is an internationally recognized best practice.
2 points

QUESTION 22
The SOX act created the ______________________, which sets accounting and auditing standards.
Public Company Accounting Oversight Board (PCAOB)
Committee of Sponsoring Organizations (COSO)
Control Objectives for Information and related Technology (COBIT)
The Family Educational Rights and Privacy Act (FERPA)
2 points

QUESTION 23
An organization’s _________________ is a good source for determining what should be in security policies to meet regulatory requirements.
2 points

QUESTION 24
2 points
10/13/2018 Take Test: Mid Term Exam Chapters 1 - 7 – 2018_... ; 4/7

False

In 2012, the Federal Financial Institutions Examination Council (FFIEC) began requiring financial institutions to go beyond using just IDs and passwords when it issued the guidance “Authentication in an Electronic Banking Environment;” this type of authentication process is known as multifactor authentication.