The Chief Executive Officer (CEO) of a small startup company has an urgent need for a security policy and assessment to address governance, risk management, and compliance. The company has a resource-constrained IT department, but has no information security staff. The CEO has asked for this to be completed in three months. Which of the following would be the MOST cost-effective solution to meet the company's needs?
A) Select one of the IT personnel to obtain information security training, and then develop all necessary policies and documents in-house.
B) Accept all risks associated with information security, and then bring up the issue again at next year's annual board meeting.
C) Release an RFP to consultancy firms, and then select the most appropriate consultant who can fulfill the requirements.
D) Hire an experienced, full-time information security team to run the startup company's information security department.
Correct Answer:
Verified
Q198: A consultant is hired to perform a
Q199: A security engineer is embedded with a
Q200: An organization is considering the use of
Q201: A company has created a policy to
Q202: A security engineer is attempting to increase
Q204: An organization, which handles large volumes of
Q205: A company is not familiar with the
Q206: A security analyst is reviewing the following
Q207: A security engineer is attempting to convey
Q208: After a large organization has completed the
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents