1. Risk transfer
2. Access rights
3. Computer emergency response team (CERT)
4. RCSA
5. Data custodian
6. Residual risk
7. Application controls
8. Key performance indicator (KPI)
9. RMIS
10. MAGERIT
11. Business continuity plan (BCP)
12. Treadway
13. BSI
14. Risk indicator
15. RMF
16. Capability
17. Detective control
18. Business impact analysis/assessment (BIA)
19. BCP
20. ERM
21. IT risk profile
22. EL
23. Evidence
24. Business objective
25. Information systems (IS)
26. IT risk scenario
27. IT risk
28. Internal controls
29. CMU
30. OCTAVE
31. ____ is collecting data from web sites, usually for competitive intelligence.
32. ______ is a form of database processing that supports top-down, query-driven data analysis.