A security professional has been promoted to be the CISO of an organization. The first task is to create a security policy for this organization. The CISO creates and publishes the security policy. This policy however, is ignored and not enforced consistently. Which of the following is the MOST likely reason for the policy shortcomings?
A) Lack of a formal security awareness program
B) Lack of a formal security policy governance process
C) Lack of formal definition of roles and responsibilities
D) Lack of a formal risk management policy
Correct Answer:
Verified
Q7: One of the MAIN goals of a
Q8: Which of the following has the GREATEST
Q9: Which of the following is of MOST
Q10: From an information security perspective, information that
Q11: Which of the following is considered the
Q13: Who in the organization determines access to
Q14: Which of the following is the MOST
Q15: When dealing with Security Incident Response procedures,
Q16: Which of the following is a benefit
Q17: An organization's Information Security Policy is of
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents