Governance Risk Compliance
Gestão de Exceções
A formal process for documenting, assessing, approving, and monitoring deviations from standard policies or controls, ensuring appropriate risk evaluation and accountability.
Quick answer: A formal process for documenting, assessing, approving, and monitoring deviations from standard policies or controls, ensuring appropriate risk evaluation and accountability.
This term page is part of the Protermify Cybersecurity glossary and is published as static HTML for fast indexing and clear language coverage.
Definition
A formal process for documenting, assessing, approving, and monitoring deviations from standard policies or controls, ensuring appropriate risk evaluation and accountability.
Operational example
All policy deviations must be formally submitted and tracked through the exception management system, with clear risk justification and periodic review.
Localized term
Gestão de Exceções
Localized example
Todas as exceções de política devem ser formalmente submetidas e acompanhadas através do sistema de gestão de exceções, com justificativa de risco clara e revisão periódica.
Definition language
English reference definition
Source
ISO 27001, NIST Cybersecurity Framework, MITRE ATT&CK
Exam relevance
- CISSP
- CompTIA Security+
- CEH
Target audience
- SOC Analysts
- Security Engineers
- Incident Responders
