Definition: The act of disposing of a given data set such that it is expunged from all systems and is not recoverable. Commentary:

Definition: A collection of software components that enables its user to access off-limits areas of a computer or device Commentary:

Definition: An approach to restricting access to resources based on roles that have been assigned to the subjects seeking access to the resources Commentary:

Definition: The data domain of an output from a business process or calculation Commentary:

Definition: A status granted to a person or group of persons representing their permission to access a specific data asset or any data asset with specific scope and characteristics Commentary:

Definition: A cyber-security attack that exploits information about the data flows within an organization Commentary:

Definition: A physical computing device that protects and manages digital keys and performs encryption and decryption Commentary:

Definition: A business function or service where responsibility for its running has been wholly outsourced to a third-party provider. Commentary:

Definition: synonym for Data Sensitivity Classification Commentary:

Definition: In the context of controls, recorded facts that prove the existence and application of a control Commentary: