Which of the following does a lack of adequate security controls represent?
Which of the following does a lack of adequate security controls represent?
Assessing IT risks is BEST achieved by:
Assessing IT risks is BEST achieved by:
This is an example of risk:
To address the risk of operations staff’s failure to perform the daily backup, management requires
that the systems administrator sign off on the daily backup. This is an example of risk:
A poor choice of passwords and transmission over unprotected communications lines are examples of:
A poor choice of passwords and transmission over unprotected communications lines are examples
of:
An IS auditor reviewing the risk assessment process of an organization should FIRST:
An IS auditor reviewing the risk assessment process of an organization should FIRST:
Measures of security risk should:
An IS auditor is reviewing an IT security risk management program. Measures of security risk should:
Which of the following should be considered FIRST when implementing a risk management program?
Which of the following should be considered FIRST when implementing a risk management
program?
As a driver of IT governance, transparency of IT’s cost, value and risks is primarily achieved through:
As a driver of IT governance, transparency of IT’s cost, value and risks is primarily achieved through:
Which of the following should be the MOST important consideration when deciding areas of priority for IT gover
Which of the following should be the MOST important consideration when deciding areas of priority
for IT governance implementation?
The PRIMARY benefit of implementing a security program as part of a security governance framework is the:
The PRIMARY benefit of implementing a security program as part of a security governance
framework is the: