Which of the following should be the FIRST step in developing an information security plan?

seenagapeApril 26, 2014

A.
Perform a technical vulnerabilities assessment

B.
Analyze the current business strategy

C.
Perform a business impact analysis

D.
Assess the current levels of security awareness

Explanation:
Prior to assessing technical vulnerabilities or levels of security awareness, an information security
manager needs to gain an understanding of the current business strategy and direction. A
business impact analysis should be performed prior to developing a business continuity plan, but
this would not be an appropriate first step in developing an information security strategy because it
focuses on availability.

2 Comments on “Which of the following should be the FIRST step in developing an information security plan?”

Chris says:

November 23, 2017 at 8:53 pm

Can I take this exam even if I did not take the training?

0

0

Log in to Reply
1. dasharath says:
  
  December 5, 2017 at 9:13 am
  
  Yes, As long as you are confident enough to clear exam
  
  0
  
  0
  
  Log in to Reply

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ISACA Exam Questions

Free ISACA Study Guide

Which of the following should be the FIRST step in developing an information security plan?

2 Comments on “Which of the following should be the FIRST step in developing an information security plan?”

Leave a Reply Cancel reply