PrepAway - Latest Free Exam Questions & Answers

Which of the following provides the BEST explanation re…

Which of the following provides the BEST explanation regarding why an organization needs to implement IT
security policies?

PrepAway - Latest Free Exam Questions & Answers

A.
To ensure that false positives are identified

B.
To ensure that staff conform to the policy

C.
To reduce the organizational risk

D.
To require acceptable usage of IT systems

Explanation:
Once risks have been identified and assessed then there are five possible actions that should be taken. These
are: Risk avoidance, Risk transference, Risk mitigation, Risk deterrence and Risk acceptance. Anytime you
engage in steps to reduce risk, you are busy with risk mitigation and implementing IT security policy is a risk
mitigation strategy.


Leave a Reply