CSSLP · Question #325
CSSLP Question #325: Real Exam Question with Answer & Explanation
The correct answer is C: It ensures that an organization is following the standard procedures or base practices of operation in. Regulatory policies primarily serve to ensure an organization adheres to external legal and industry mandates, providing confidence in its compliance and accepted operational practices.
Question
Which of the following statements describe the main purposes of a Regulatory policy? Each correct answer represents a complete solution. Choose all that apply.
Options
- AIt acknowledges the importance of the computing resources to the business model
- BIt provides a statement of support for information security throughout the enterprise
- CIt ensures that an organization is following the standard procedures or base practices of operation in
- DIt gives an organization the confidence that it is following the standard and accepted industry policy.
Explanation
Regulatory policies primarily serve to ensure an organization adheres to external legal and industry mandates, providing confidence in its compliance and accepted operational practices.
Common mistakes.
- A. Acknowledging the importance of computing resources is typically part of a broader organizational security policy or mission statement, not specific to a regulatory policy.
- B. Providing a statement of support for information security is a function of a high-level organizational security policy, not exclusively a regulatory policy.
Concept tested. Purpose of regulatory policies
Reference. https://learn.microsoft.com/en-us/compliance/regulatory/regulatory-compliance-overview
Topics
Community Discussion
No community discussion yet for this question.