CISM Certified Information Security Manager – Question0105
Which of the following is the MOST important element of an information security strategy? A. Defined objectives B. Time frames for delivery C. Adoption of a control framework D. Complete policies
Correct Answer: A
Explanation:
Explanation:
Without defined objectives, a strategy — the plan to achieve objectives — cannot be developed. Time frames for delivery are important but not critical for inclusion in the strategy document. Similarly, the adoption of a control framework is not critical to having a successful information security strategy. Policies are developed subsequent to, and as a part of, implementing a strategy.
Please disable your adblocker or whitelist this site!