According to the Corporate Governance Task Force (CGTF) ,in order to build programs suited to their needs,organizations should do all but which of the following?
A) Conduct periodic testing and evaluation of the effectiveness of information security policies and procedures
B) Establish a security management structure to assign explicit individual roles, responsibilities, authority, and accountability
C) Conduct an annual information security evaluation, the results of which the CISO should review with security staff and then report to the board of directors
D) Implement policies and procedures based on risk assessments to secure information assets
Correct Answer:
Verified
Q46: The long-term direction taken by the organization
Q47: The information security governance framework generally consists
Q48: Which of the following is NOT a
Q49: The _ explicitly declares the business of
Q50: Budgeting,resource allocation,and manpower are critical components of
Q52: Information security _ must be addressed at
Q53: Which of the following is true about
Q54: _ statements are meant to express the
Q55: Vision statements are meant to be _.
A)
Q56: According to the IGTI,Boards of directors should
Unlock this Answer For Free Now!
View this answer and more for free by performing one of the following actions
Scan the QR code to install the App and get 2 free unlocks
Unlock quizzes for free by uploading documents