Multiple Choice
The Chief Executive Officer (CEO) of a small startup company has an urgent need for a security policy and assessment to address governance, risk management, and compliance. The company has a resource-constrained IT department, but has no information security staff. The CEO has asked for this to be completed in three months. Which of the following would be the MOST cost-effective solution to meet the company's needs?
A) Select one of the IT personnel to obtain information security training, and then develop all necessary policies and documents in-house.
B) Accept all risks associated with information security, and then bring up the issue again at next year's annual board meeting.
C) Release an RFP to consultancy firms, and then select the most appropriate consultant who can fulfill the requirements.
D) Hire an experienced, full-time information security team to run the startup company's information security department.
Correct Answer:
Verified
Correct Answer:
Verified
Q396: A Chief Information Securiy Officer (CISO) is
Q397: A systems administrator has installed a disk
Q398: A Chief Information Security Officer (CISO is
Q399: A SaaS-based email service provider often receives
Q400: During a criminal investigation, the prosecutor submitted
Q402: During a sprint, developers are responsible for
Q403: A school contracts with a vendor to
Q404: A security administrator is updating a company's
Q405: A company recently implemented a variety of
Q406: An organization is currently working with a