Implementation of information security in an organization should essentially start with:
A) upgrading to the latest hardware and software available in the market.
B) researching and complying with the latest industry guidelines.
C) investing in the best infrastructure.
D) inventory-style auditing and risk assessment of threats.
E) employing a security consultant.

Question

Quizplus · Accepted Answer

The best choice for implementing information security in an organization is to start with an inventory-style auditing and risk assessment of threats. This will help identify potential vulnerabilities and threats to the organization's information security. Based on the results of this assessment, appropriate measures can be taken to mitigate the risks and protect the organization's data. Upgrading hardware and software, complying with industry guidelines, investing in infrastructure, and employing a security consultant can all be part of these measures, but they should be based on an initial assessment.

Implementation of Information Security in an Organization Should Essentially Start