A CISO has implemented a risk management capability within the security portfolio. Which of the following terms best describes this functionality?
Which of the following is a benefit of information security governance?
Risk appetite is typically determined by which of the following organizational functions?
As a new CISO at a large healthcare company you are told that everyone has to badge in to get in the building.
Below your office window you notice a door that is normally propped open during the day for groups of people to take breaks outside. Upon looking closer you see there is no badge reader. What should you do?
SCENARIO: A Chief Information Security Officer (CISO) recently had a third party conduct an audit of the security program. Internal policies and international standards were used as audit baselines. The audit report was presented to the CISO and a variety of high, medium and low rated gaps were identified.
The CISO has implemented remediation activities. Which of the following is the MOST logical next step?
