nerdexam
(ISC)2

CAP · Question #370

Information Security management is a process of defining the security controls in order to protect information assets. What are the security management responsibilities? Each correct answer represents

The correct answer is A. Evaluating business objectives, security risks, user productivity, and functionality requirem B. Determining actual goals that are expected to be accomplished from a security program C. Defining steps to ensure that all the responsibilities are accounted for and properly address D. Determining objectives, scope, policies, priorities, standards, and strategies. Information Security Management encompasses all four responsibilities listed. (A) Evaluating business objectives, security risks, user productivity, and functionality requirements ensures that security controls are balanced and business-aligned. (B) Determining actual goals from

Security and Privacy Governance, Risk Management, and Compliance Program

Question

Information Security management is a process of defining the security controls in order to protect information assets. What are the security management responsibilities? Each correct answer represents a complete solution. Choose all that apply.

Options

  • AEvaluating business objectives, security risks, user productivity, and functionality requirem
  • BDetermining actual goals that are expected to be accomplished from a security program
  • CDefining steps to ensure that all the responsibilities are accounted for and properly address
  • DDetermining objectives, scope, policies, priorities, standards, and strategies

How the community answered

(35 responses)
  • A
    100% (35)

Explanation

Information Security Management encompasses all four responsibilities listed. (A) Evaluating business objectives, security risks, user productivity, and functionality requirements ensures that security controls are balanced and business-aligned. (B) Determining actual goals from a security program sets measurable security outcomes. (C) Defining steps to ensure all responsibilities are accounted for and addressed provides the operational process framework. (D) Determining objectives, scope, policies, priorities, standards, and strategies establishes the governance foundation. Together, these four activities represent the full lifecycle of security management responsibilities - from strategic planning through operational execution.

Topics

#Security Management Responsibilities#Security Program Design#Security Governance#Risk Management Principles

Community Discussion

No community discussion yet for this question.

Full CAP Practice