A CISO has recently joined an organization with a poorly implemented security program. The desire is to base the security program on a risk management approach. Which of the following is a foundational requirement in order to initiate this type of program?
A) A security organization that is adequately staffed to apply required mitigation strategies and regulatory compliance solutions
B) A clear set of security policies and procedures that are more concept-based than controls-based
C) A complete inventory of Information Technology assets including infrastructure, networks, applications and data
D) A clearly identified executive sponsor who will champion the effort to ensure organizational buy-in
Correct Answer: