Multiple Choice
According to the Corporate Governance Task Force (CGTF) ,in order to build programs suited to their needs,organizations should do all but which of the following?
A) Conduct periodic testing and evaluation of the effectiveness of information security policies and procedures
B) Establish a security management structure to assign explicit individual roles, responsibilities, authority, and accountability
C) Conduct an annual information security evaluation, the results of which the CISO should review with security staff and then report to the board of directors
D) Implement policies and procedures based on risk assessments to secure information assets
Correct Answer:
Verified
Correct Answer:
Verified
Q103: The security governance responsibilities of mid-level managers
Q104: A(n) <span class="ql-formula" data-value="\text {\underline{ vulnerability}
Q105: Tactical plans are used to develop _
Q106: Some companies refer to <span
Q107: Information security governance includes all of
Q109: According to Sun Tzu: if you know
Q110: A bottom-up approach to information security
Q111: The critical components of the _ plan
Q112: In order to build programs suited to
Q113: In order to build security programs