Which one of the following is NOT a fundamental component of a Regulatory Security Policy?

adminSeptember 14, 2013

A.
What is to be done.

B.
When it is to be done.

C.
Who is to do it.

D.
Why is it to be done

Explanation:
Regulatory Security policies are mandated to the organization but it up to them to
implement it.
“Regulatory – This policy is written to ensure that the organization is following standards set by a
specific industry and is regulated by law. The policy type is detailed in nature and specific to a
type of industry. This is used in financial institutions, health care facilities, and public utilities.” -Shon Harris All-in-one CISSP Certification Guide pg 93-94

One Comment on “Which one of the following is NOT a fundamental component of a Regulatory Security Policy?”

Ahmed says:

January 4, 2015 at 7:29 am

The quote from Ms Harris book does not say that ‘who is to do’ is excluded from Regulatory Laws. The Sarbanes Oxley is full of regulatory directives as to who is to do what..

0

0

Log in to Reply

Get 50% Discount on All Your Purchases
at PrepAway.com - Latest Exam Questions

This is ONE TIME OFFER

Enter your email address to receive your 50% off dicount code:

SPECIAL OFFER: GET 50% OFF

Use Discount Code:

ISC Exam Questions

Free ISC2 Study Guide

Which one of the following is NOT a fundamental component of a Regulatory Security Policy?

One Comment on “Which one of the following is NOT a fundamental component of a Regulatory Security Policy?”

Leave a Reply Cancel reply