Operational bia process - Study guides, Class notes & Summaries

CISA Chapter 2 Exam 218 Questions with Verified Answers Organizations should define IT strategies, policies, standards and operating procedures in line with... - CORRECT ANSWER organizational goals and objectives In order to provide assurance to stakeholders that IT services are aligned with the business vision, mission and objectives, top management should implement... - CORRECT ANSWER an IT governance framework The committees, made up of _____________ will examine and approve the IT s...

An information security manager wants to improve the ability to identify changes in risk levels affecting the organization's systems. Which of the following is the BEST method to achieve this objective? A. Performing business impact analysis (BIA) B. Monitoring key goal indicators (KGIs) C. Monitoring key risk indicators (KRIs) D. Updating the risk register :~~ C When developing an escalation process for an incident response plan, the information security manager should PRIMARILY c...

WGU C838 Managing Cloud Security: Exam Questions With Correct Answers Latest Update 2024/2025 Graded A+. What NIST publication number defines cloud computing? - correct answers 800-145 What ISO/IEC standard provides information on cloud computing? - correct answers 17788 What is another way of describing a functional business requirement? - correct answers necessary What is another way of describing a nonfunctional business requirement? - correct answers not necessary WGU C838 Managing C...

CISA Domain 2 Governance and Management of IT Exam 68 Questions with Verified Answers Governance of IT Enterprise (GEIT) - CORRECT ANSWER system in which ALL stakeholders (including board, senior management, internal customers and departments) provide input into decison making process about the use of IT resources on behalf of stakeholders who expect interests to be met responsibility of Board of directors and exec management Concerned with: IT delivering value to the business AND IT...

CISA Flashcards Protection of Information Assets Exam 99 Questions with Verified Answers Define the following terms: decompiling, modular stage, due care, negligence, basic care, ordinary care, and extraordinary care. - CORRECT ANSWER Decompiling is the act of dividing a large auditing task into smaller audits so that all objectives and requirements can be met Modular stage is a type of audit created by decompiling. Due care is the degree of care for a client that auditors must demonstrate w...

CRISC QUESTIONS AND ANSWERS | LATEST VERSION | 2024/2025 | 100% PASS 1. **An enterprise has recently developed a groundbreaking technology that could give it a competitive advantage. What is the PRIMARY concern in safeguarding this information within the enterprise?** - A. Data classification policy - B. Acceptable use policy - C. Encryption standards - D. Access control policy A. The data classification policy delineates data into categories, specifies protective measures for each...

CISA Exam 50 Question with Verified Answers Question: Asset Classification Information is one of an organization's most important assets. It should be considered when developing the organization's business and security objectives. It is much easier to map business and security objectives for a given information asset when assets are classified. What is the benefit of classifying information assets? Choose the best option(s) from those listed below. a) Establishing appropriate access co...

BCP stands for: Business Continuity Planning ________ is a small subset of business continuity: Disaster Recovery Brainpower Read More Previous Play Next Rewind 10 seconds Move forward 10 seconds Unmute 0:03 / 0:15 Full screen A ________ is a calamitous event, especially one occurring suddenly and causing great loss of life, damage, or hardship. Disaster A critical function of a business is defined as a function that if disrupted for a significant period of ...

Which of the following is the best example of a deterrent control? A. A log aggregation system B. Hidden cameras onsite. C. A guard posted outside the door. D. Backup recovery systems. C. A guard posted outside the door. Deterrents have to be visible to prevent an attack. A guard visible outside the door could help prevent physical attacks. Enacted in 2002, this US law requires every federal agency to implement information security programs, including significant reporti...

CISA Practice Exam 323 Questions with Verified Answers Identify the most critical element from the following for the successful implementation and ongoing regular maintenance of an information security policy. [BAC] A.Management support and approval for the information security policy B. Understanding of the information security policy by all appropriate parties C. Punitive actions for any violation of information security rules D. Stringent access control monitoring of information secu...