CISSP · Question #80
The stringency of an Information Technology (IT) security assessment will be determined by the
The correct answer is C. sensitivity of the system's datA.. The stringency of an Information Technology (IT) security assessment will be determined by the sensitivity of the system's data, as this reflects the level of risk and impact that a security breach could have on the organization and its stakeholders. The more sensitive the data,
Question
Options
- Asystem's past security record.
- Bsize of the system's database.
- Csensitivity of the system's datA.
- Dage of the system.
How the community answered
(54 responses)- A2% (1)
- B6% (3)
- C91% (49)
- D2% (1)
Explanation
The stringency of an Information Technology (IT) security assessment will be determined by the sensitivity of the system's data, as this reflects the level of risk and impact that a security breach could have on the organization and its stakeholders. The more sensitive the data, the more stringent the security assessment should be, as it should cover more aspects of the system, use more rigorous methods and tools, and provide more detailed and accurate results and recommendations. The system's past security record, size of the system's database, and age of the system are not the main factors that determine the stringency of the security assessment, as they do not directly relate to the value and importance of the data that the system processes, stores, or transmits.
Topics
Community Discussion
No community discussion yet for this question.