CRISC Question #578: Real Exam Question with Answer & Explanation
The correct answer is C: Number of suspected malicious activities reported since policy implementation.
Question
An organization has implemented a policy requiring staff members to take a minimum of five consecutive days' leave per year to mitigate the risk of malicious insider activities. Which of the following is the BEST key performance indicator (KPI) of the effectiveness of this policy?
Options
- A. Percentage of staff turnover following five consecutive days of leave
- B. Average number of consecutive days of leave per staff member
- C. Number of suspected malicious activities reported since policy implementation
- D. Financial loss incurred due to malicious activities since policy implementation
Explanation
The best KPI for evaluating the effectiveness of a mandatory leave policy aimed at mitigating insider threats is the reduction in suspected malicious activities, as this directly reflects the policy's intended outcome.
Common mistakes.
- A. Staff turnover isn't a direct measure of the policy's effectiveness in mitigating insider threats; it measures employee retention after leave.
- B. The average number of consecutive days of leave measures compliance with the policy, but not its effectiveness in preventing malicious activities.
- D. Financial loss due to malicious activities is a lagging indicator of impact, but 'number of suspected activities' is a more direct and often earlier indicator of the occurrence of the threat the policy aims to prevent.
Concept tested. KPI for insider threat mitigation