A good privacy statement should include:

• A.notification of liability on accuracy of information.
• B.notification that information will be encrypted.
• C.what the company will do with information it collects.
• D.a description of the information classification process.

Comment: *

Name: *

Email: *

Verification: *

Executive management is considering outsourcing all IT operations. Which of the following functions should remain internal?

• A.Data encryption
• B.Data custodian
• C.Data monitoring
• D.Data ownership

Comment: *

Name: *

Email: *

Verification: *

Which of the following are the MOST important individuals to include as members of an information security steering committee?

• A.Direct reports to the chief information officer
• B.IT management and key business process owners
• C.Cross-section of end users and IT professionals
• D.Internal audit and corporate legal departments

Comment: *

Name: *

Email: *

Verification: *

Which of the following application systems should have the shortest recovery time objective (RTO)?

• A.Contractor payroll
• B.Change management
• C.E-commerce web site
• D.Fixed asset system

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MOST important consideration when deciding whether to continue outsourcing to a managed security service provider?

• A.The business need for the function
• B.The cost of the services
• C.The vendor's reputation in the industry
• D.The ability to meet deliverables

Comment: *

Name: *

Email: *

Verification: *