11 Questions
What is the primary purpose of a security governance framework?
All of the above
What is the responsibility of the governing body regarding the organization's information security strategy?
All of the above
Who is ultimately responsible for what the organization does in a publicly held company?
The board of directors
Which of the following is NOT a key objective of the security governance framework?
Improving employee productivity
What is the primary responsibility of the governing body in terms of security direction?
To ensure there is effective security direction
Which of the following is NOT a key component of the security governance framework?
Continuous monitoring of security metrics and performance
What is recommended for providing effective security direction?
A single individual (CISO or equivalent executive) responsible for information security
What is the primary role of the CISO according to COBIT 5?
Establishing, maintaining, monitoring, and reviewing the Information Security Management System (ISMS)
Which of the following roles/structures is NOT mentioned in COBIT 5?
Data Protection Officer (DPO)
What is the purpose of the Information Security Steering (ISS) committee according to COBIT 5?
The text does not provide information about the purpose of the ISS committee
What is necessary for ensuring that a security mindset permeates the organization?
Coordination and collaboration with executives, managers, and operations personnel
Test your knowledge on the development and documentation of a security governance framework, which helps oversee and manage risk for an enterprise. Explore the importance of information security, risk management, and the role of a governing body in setting clear directions.