An organization has to comply with recently published industry regulatory requirements -” compliance that po

adminJanuary 30, 2019

An organization has to comply with recently published industry regulatory requirements – compliance that potentially has high implementation costs. What should the information security manager do FIRST?

A. Implement a security committee.

B. Perform a gap analysis.

C. Implement compensating controls.

D. Demand immediate compliance.

Explanation:

Since they are regulatory requirements, a gap analysis would be the first step to determine the level of compliance already in place. Implementing a security committee or compensating controls would not be the first step. Demanding immediate compliance would not assess the situation.

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ISACA Exam Questions

Free ISACA Study Guide

An organization has to comply with recently published industry regulatory requirements -” compliance that po

Leave a Reply Cancel reply