12 Questions
Who is primarily responsible for developing a security strategy?
Information security manager
What is the primary goal of information security governance?
To ensure confidentiality, integrity and availability of transactions
What is a high-level statement of an organization's beliefs, goals, roles, and objectives?
Policy
What is the purpose of a steering committee in information security governance?
To review the security strategy
What is the responsibility of data owners in information security governance?
To ensure confidentiality, integrity and availability of transactions
What is the difference between a baseline and a strategy in information security governance?
A baseline assumes a minimum security level, while a strategy aligns with business objectives
What is the first step in developing a new organization information security strategy?
Define the scope
Who is responsible for legal and regulatory liability in an organization?
Board and senior management
What is the most effective way to obtain senior management support for establishing a warm site?
Developing a business case
What should be done with information that no longer supports the main purpose of the business from an information security perspective?
Analyze it under the retention policy
Why is it important to define the scope of the information security strategy?
To determine the boundaries of the program
What is the primary benefit of developing a business case for establishing a warm site?
It includes a cost-benefit analysis
Test your knowledge of information security governance, including strategy development, review, and communication. Discover the primary responsibilities of an information security manager.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free