CISM Certified Information Security Manager – Question1251

When developing a new system, detailed information security functionality should FIRST be addressed:

A.
as part of prototyping.
B. during the system design phase.
C. when system requirements are defined.
D. as part of application development.

Correct Answer: B