- (Topic 2)
Which of the following activities must be completed BEFORE you can calculate risk?
Correct Answer:
C
- (Topic 5)
The newly appointed CISO of an organization is reviewing the IT security strategic plan. Which of the following is the MOST important component of the strategic plan?
Correct Answer:
B
- (Topic 2)
The CIO of an organization has decided to assign the responsibility of internal IT audit to the IT team. This is consider a bad practice MAINLY because
Correct Answer:
C
- (Topic 3)
As the CISO for your company you are accountable for the protection of information resources commensurate with:
Correct Answer:
D
- (Topic 5)
Scenario: An organization has recently appointed a CISO. This is a new role in the organization and it signals the increasing need to address security consistently at the enterprise level. This new CISO, while confident with skills and experience, is constantly on the defensive and is unable to advance the IT security centric agenda.
From an Information Security Leadership perspective, which of the following is a MAJOR concern about the CISO’s approach to security?
Correct Answer:
C