PrepAway - Latest Free Exam Questions & Answers

The MOST useful way to describe the objectives in the information security strategy is through:

The MOST useful way to describe the objectives in the information security strategy is through:

PrepAway - Latest Free Exam Questions & Answers

A.
attributes and characteristics of the ‘desired state.”

B.
overall control objectives of the security program.

C.
mapping the IT systems to key business processes.

D.
calculation of annual loss expectations.

Explanation:

Security strategy will typically cover a wide variety of issues, processes, technologies and
outcomes that can best be described by a set of characteristics and attributes that are desired.
Control objectives are developed after strategy and policy development. Mapping IT systems to
key business processes does not address strategy issues. Calculation of annual loss expectations
would not describe the objectives in the information security strategy.


Leave a Reply