Who is responsible for ensuring that information is categorized and that specific protective measures are take
Who is responsible for ensuring that information is categorized and that specific protective
measures are taken?
What actions should the board take next?
An organization’s board of directors has learned of recent legislation requiring organizations within
the industry to enact specific safeguards to protect confidential customer information. What actions
should the board take next?
Information security should be:
Information security should be:
What is the MOST important factor in the successful implementation of an enterprise wide information security
What is the MOST important factor in the successful implementation of an enterprise wide
information security program?
What is the MAIN risk when there is no user management representation on the Information Security Steering Com
What is the MAIN risk when there is no user management representation on the Information
Security Steering Committee?
The MAIN reason for having the Information Security Steering Committee review a new security controls implemen
The MAIN reason for having the Information Security Steering Committee review a new security
controls implementation plan is to ensure that:
Which of the following should be determined while defining risk management strategies?
Which of the following should be determined while defining risk management strategies?
which of the following is the MOST important factor to consider?
When implementing effective security governance within the requirements of the company’s
security strategy, which of the following is the MOST important factor to consider?
Which of the following is the BEST reason to perform a business impact analysis (BIA)?
Which of the following is the BEST reason to perform a business impact analysis (BIA)?
A risk mitigation report would include recommendations for:
A risk mitigation report would include recommendations for: