The first step in creating a security policy is ____.
A) risk assessment
B) security auditing
C) impact analysis
D) documentation

Question

Quizplus · Accepted Answer

The first step in creating a security policy is to have a risk assessment to identify potential security risks and hazards. This will help ensure that the security policies are tailored to protect against the most relevant risks. Once the risks have been identified, the security policies can be designed to provide adequate protection. Security auditing, impact analysis, and documentation are important steps in the process, but they come after the risk assessment.

The First Step in Creating a Security Policy Is ____