Which of the following is MOST important to consider when developing a business case to support the investment in an information security program?
A. Senior management support
B. Results of a cost-benefit analysis
C. Results of a risk assessment
D. Impact on the risk profile
Last Updated on December 21, 2021 by Explanation:
The information security manager must understand the business risk profile of the organization. No model provides a complete picture, but logically categorizing the risk areas of an organization facilitates focusing on key risk management strategies and decisions. It also enables the organization to develop and implement risk treatment approaches that are relevant to the business and cost effective.
Last Updated on December 21, 2021 by Admin 2
- Senior management support
- Results of a cost-benefit analysis
- Results of a risk assessment
- Impact on the risk profile
Explanation:
The information security manager must understand the business risk profile of the organization. No model provides a complete picture, but logically categorizing the risk areas of an organization facilitates focusing on key risk management strategies and decisions. It also enables the organization to develop and implement risk treatment approaches that are relevant to the business and cost effective.
- CISM : Part 1 - 40
- CISA : Part 41 - 80
Pegacert.com is a participant in the Amazon Services LLC Associates Program, an affiliate advertising program designed to provide a means for sites to earn advertising fees by advertising and linking to Amazon.com.
Some links may be affiliate links. We may get paid if you buy something or take an action after clicking one of these
All trademarks are the property of their respective owners.