nerdexam
EC-Council

512-50 · Question #289

512-50 Question #289: Real Exam Question with Answer & Explanation

The correct answer is C. Define formal roles and responsibilities for Information Security. See the full explanation below for the reasoning.

Question

Scenario: An organization has made a decision to address Information Security formally and consistently by adopting established best practices and industry standards. The organization is a small retail merchant but it is expected to grow to a global customer base of many millions of customers in just a few years. Which of the following would be the FIRST step when addressing Information Security formally and consistently in this organization?

Options

  • A. Contract a third party to perform a security risk assessment
  • B. Define formal roles and responsibilities for Internal audit functions
  • C. Define formal roles and responsibilities for Information Security
  • D. Create an executive security steering committee
