Revision Questions
- The most important consideration while developing an information security strategy is:
- The availability of information security resources
- Adherence to laws and regulations
- Effectiveness in mitigating risk
- Budget allocation for information security
- The objectives of information security can be best described as:
- The requirements of the desired state
- The attributes of the current state
- The key business processes
- The control objectives for loss expectations
- The most important factor when developing risk management strategies is:
- Using an industry-adopted risk assessment framework
- Aligning with business objectives and risk appetite
- Technology architecture
- The geographical spread of business units
- "Systems thinking," in terms of information security, refers to:
- The perspective of artificial intelligence
- The perspective of the whole being greater than the sum of its individual parts
- The perspective of supporting the business objective
- The perspective of governance...