PrepAway - Latest Free Exam Questions & Answers

Measures of security risk should:

An IS auditor is reviewing an IT security risk management program. Measures of security risk should:

A. address all of the network risks.

B. be tracked over time against the IT strategic plan.

C. take into account the entire IT environment.

D. result in the identification of vulnerability tolerances.

Explanation:
When assessing IT security risk, it is important to take into account the entire IT environment. Measures of
security risk should focus on those areas with the highest criticality so as to achieve maximum risk reduction at
the lowest possible cost. IT strategic plans are not granular enough to provide appropriate measures. Objective
metrics must be tracked over time against measurable goals; the management of risk is thus enhanced by
comparing today’s results against those of last week, last month and last quarter. Risk measures will profile
assets on a network to objectively measure vulnerability risk. They do not identify tolerances.

