PrepAway - Latest Free Exam Questions & Answers

Which of the following should an information security manager use to BEST convey a sense of urgency to managem

An internal audit has identified major weaknesses over IT processing. Which of the following should an information security manager use to BEST convey a sense of urgency to management?

PrepAway - Latest Free Exam Questions & Answers

A.
Security metrics reports

B.
Risk assessment reports

C.
Business impact analysis (BIA)

D.
Return on security investment report

Explanation:
Performing a risk assessment will allow the information security manager to prioritize the remedial measures and provide a means to convey a sense of urgency to management. Metrics reports are normally contained within the methodology of the risk assessment to give it credibility and provide an ongoing tool. The business impact analysis (BIA) covers continuity risks only. Return on security investment cannot be determined until a plan is developed based on the BIA.

One Comment on “Which of the following should an information security manager use to BEST convey a sense of urgency to managem


Leave a Reply