
CISA—Certified Information Systems Auditor - Part 42

Mary Smith

Thu, 16 Apr 2026


1. Which of the following is the MOST important driver when developing an effective information security strategy?

A) Security audit reports
B) Benchmarking reports
C) Information security standards
D) Compliance requirements



2. The FIRST step in establishing an information security program is to:

A) secure organizational commitment and support
B) assess the organization's compliance with regulatory requirements
C) determine the level of risk that is acceptable to senior management
D) define policies and standards that mitigate the organization's risks



3. Which of the following is the BEST reason to certify an organization to an international security standard?

A) The certification covers enterprise security end-to-end.
B) The certification reduces information security risk.
C) The certification ensures that optimal controls are in place.
D) The certification delivers value to stakeholders.



4. An organization is considering whether to allow employees to use personal computing devices for business purposes. To BEST facilitate senior management's decision, the information security manager should:

A) perform a cost-benefit analysis
B) map the strategy to business objectives
C) conduct a risk assessment
D) develop a business case



5. A PRIMARY advantage of involving business management in evaluating and managing information security risks is that they:

A) better understand the security architecture
B) better understand organizational risks
C) can balance technical and business risks
D) are more objective than security management



1. Right Answer: C
Explanation:

2. Right Answer: A
Explanation:

3. Right Answer: D
Explanation:

4. Right Answer: B
Explanation:

5. Right Answer: C
Explanation:
