Scenario: A Chief Information Security Officer (CISO) recently had a third party conduct an audit of the security program. Internal policies and international standards were used as audit baselines. The audit report was presented to the CISO and a variety of high, medium and low rated gaps were identified. The CISO has validated audit findings, determined if compensating controls exist, and started initial remediation planning. Which of the following is the MOST logical next step?
A) Create detailed remediation funding and staffing plans
B) Report the audit findings and remediation status to business stake holders
C) Validate the effectiveness of current controls
D) Review security procedures to determine if they need modified according to findings
Correct Answer:
Verified
Q159: The total cost of security controls should:
A)
Q160: The formal certification and accreditation process has
Q161: Which of the following backup sites takes
Q162: When analyzing and forecasting a capital expense
Q163: Scenario: Most industries require compliance with multiple
Q165: As a CISO you need to understand
Q166: Scenario: An organization has made a decision
Q167: Scenario: You are the newly hired Chief
Q168: Scenario: Your program is developed around minimizing
Q169: The ability to hold intruders accountable in
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents