The MOST important function of a risk management program is to:

• A.quantify overall risk.
• B.minimize residual risk.
• C.eliminate inherent risk.
• D.maximize the sum of all annualized loss expectancies (ALEs).

Comment: *

Name: *

Email: *

Verification: *

Which of the following is the MAIN reason for performing risk assessment on a continuous basis'?

• A.Justification of the security budget must be continually made.
• B.New vulnerabilities are discovered every day.
• C.The risk environment is constantly changing.
• D.Management needs to be continually informed about emerging risks.

Comment: *

Name: *

Email: *

Verification: *

The security responsibility of data custodians in an organization will include:

• A.assuming overall protection of information assets.
• B.determining data classification levels.
• C.implementing security controls in products they install.
• D.ensuring security measures are consistent with policy.

Comment: *

Name: *

Email: *

Verification: *

An organization's quality process can BEST support security management by providing:

• A.security configuration controls.
• B.assurance that security requirements are met.
• C.guidance for security strategy.
• D.a repository for security systems documentation.

Comment: *

Name: *

Email: *

Verification: *

An information security manager at a global organization has to ensure that the local information security program will initially ensure compliance with the:

• A.corporate data privacy policy.
• B.data privacy policy where data are collected.
• C.data privacy policy of the headquarters' country.
• D.data privacy directive applicable globally.

Comment: *

Name: *

Email: *

Verification: *