Scenario: An organization has made a decision to address Information Security formally and consistently by adopting established best practices and industry standards. The organization is a small retail merchant but it is expected to grow to a global customer base of many millions of customers in just a few years. Which of the following would be the FIRST step when addressing Information Security formally and consistently in this organization?
A) Define formal roles and responsibilities for Information Security
B) Define formal roles and responsibilities for Internal audit functions
C) Create an executive security steering committee
D) Contract a third party to perform a security risk assessment
Correct Answer:
Verified