Which of the following statements about the maintenance and review of information security policies is NOT true?
A) The review and maintenance of security policies should be tied to the performance evaluations of accountable individuals.
B) Review requirements should be included in the security policies themselves.
C) When business requirements change, security policies should be reviewed to confirm that policies reflect the new business requirements.
D) Functional users and information custodians are ultimately responsible for the accuracy and relevance of information security policies.
E) In the absence of changes to business requirements and processes, information-security policy reviews should be annual.
Correct Answer:
Verified
Q29: A(n)_ is a one-way mathematical function that
Q30: Maintenance of the Business Continuity Plan (BCP)
Q31: Distinguish between the role of the data
Q32: A(n) _ is the first step for
Q33: Which of the following best describes the
Q35: What is mandatory sign-on? An authentication method
Q36: Why does the (ISC)2 access-control systems and
Q37: The items listed below are examples of
Q38: Enterprise employees working remotely require access to
Q39: A(n) _ is an abstract machine, which
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents