- (Topic 1)
A method to transfer risk is to:
Correct Answer:
C
- (Topic 5)
Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda.
Which of the following is the reason the CISO has not been able to advance the security agenda in this organization?
Correct Answer:
C
- (Topic 5)
Scenario: Most industries require compliance with multiple government regulations and/or industry standards to meet data protection and privacy mandates.
When multiple regulations or standards apply to your industry you should set controls to meet the:
Correct Answer:
A
- (Topic 3)
Which business stakeholder is accountable for the integrity of a new information system?
Correct Answer:
A
- (Topic 2)
With respect to the audit management process, management response serves what function?
Correct Answer:
B