nerdexam
(ISC)2

CAP · Question #169

Which of the following acts promote a risk-based policy for cost effective security? Each correct answer represents a part of the solution. Choose all that apply.

The correct answer is A. Clinger-Cohen Act D. Paperwork Reduction Act (PRA). The Clinger-Cohen Act (IT Management Reform Act of 1996) requires federal agencies to use a risk-based policy when managing IT investments and security, emphasizing cost-effectiveness. The Paperwork Reduction Act (PRA) directs agencies to implement information security measures p

Security and Privacy Governance, Risk Management, and Compliance Program

Question

Which of the following acts promote a risk-based policy for cost effective security? Each correct answer represents a part of the solution. Choose all that apply.

Options

  • AClinger-Cohen Act
  • BLanham Act
  • CComputer Misuse Act
  • DPaperwork Reduction Act (PRA)

How the community answered

(28 responses)
  • A
    89% (25)
  • B
    4% (1)
  • C
    7% (2)

Explanation

The Clinger-Cohen Act (IT Management Reform Act of 1996) requires federal agencies to use a risk-based policy when managing IT investments and security, emphasizing cost-effectiveness. The Paperwork Reduction Act (PRA) directs agencies to implement information security measures proportional to risk, promoting cost-effective controls under OMB oversight. The Lanham Act (Choice B) governs trademarks and unfair competition - it has no security policy component. The Computer Misuse Act (Choice C) is a UK law criminalizing unauthorized computer access; it defines offenses, not security management policy frameworks.

Topics

#US Federal Legislation#Information Resource Management#Risk-Based Security#Cost-Effectiveness

Community Discussion

No community discussion yet for this question.

Full CAP Practice