Recent Lessons

Show all results for ""

Feature Overview

Ace your exams with our all-in-one platform for creating and sharing quizzes and tests.

Quizzes

Create quizzes and tests automatically from your content using AI.

Flashcards

Automatically turn your notes into digital flashcards.

Share, Export & Embed

Share with classmates or export to Excel and your learning management system.

Stats & Reporting

Auto-grading quizzes and tests with detailed stats and reports.

Mobile Apps

The smarter way to study – wherever you are.

Pricing

Search...

Effective Security Governance Approach Quiz

11 Questions

0 Views

Effective Security Governance Approach Quiz

Choose a study mode

Play Quiz

Study Flashcards

Spaced Repetition

Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What is the primary purpose of a security governance framework?

To enable the organization's governing body to set clear direction and demonstrate commitment to information security and risk management

To ensure alignment with overall organization policies and goals

To enhance business value and adequately manage risk

All of the above (correct)

What is the responsibility of the governing body regarding the organization's information security strategy?

To formally approve the information security strategy, policy, and architecture

To evaluate the operation of the information security strategy to ensure alignment with business needs

To regularly review the organization's risk appetite

All of the above (correct)

Who is ultimately responsible for what the organization does in a publicly held company?

The risk management committee

The information security team

The board of directors (correct)

Executive managers

Which of the following is NOT a key objective of the security governance framework?

Improving employee productivity Signup and view all the answers

What is the primary responsibility of the governing body in terms of security direction?

To ensure there is effective security direction Signup and view all the answers

Which of the following is NOT a key component of the security governance framework?

Continuous monitoring of security metrics and performance Signup and view all the answers

What is recommended for providing effective security direction?

A single individual (CISO or equivalent executive) responsible for information security Signup and view all the answers

What is the primary role of the CISO according to COBIT 5?

Establishing, maintaining, monitoring, and reviewing the Information Security Management System (ISMS) Signup and view all the answers

Which of the following roles/structures is NOT mentioned in COBIT 5?

Data Protection Officer (DPO) Signup and view all the answers

What is the purpose of the Information Security Steering (ISS) committee according to COBIT 5?

The text does not provide information about the purpose of the ISS committee Signup and view all the answers

What is necessary for ensuring that a security mindset permeates the organization?

Coordination and collaboration with executives, managers, and operations personnel Signup and view all the answers