1. Which of the following explicitly declares the business of the organization and its intended areas of operations?
- Values statement
- Vision statement
- Business statement
- Mission statement
2. Which type of planning is the primary tool in determining the long-term direction taken by an organization?
- Strategic
- Operational
- Managerial
- Tactical
3. Which of the following is true about planning?
- Operational plans are used to create tactical plans
- Strategic plans are used to create tactical plans
- Tactical plans are used to create strategic plans
- Operational plans are used to create strategic plans
4.
The basic outcomes of InfoSec governance should include all but which of the following?- Value delivery by optimizing InfoSec investments in support of organizational objectives.
- Resource management by utilizing information security knowledge and infrastructure efficiently and effectively.
- Time management by aligning resources with personnel schedules and organizational objectives.
- Performance measurement by measuring, monitoring, and reporting information security governance metrics to ensure that organizational objectives are achieved.
5. Which of the following should be included in an InfoSec governance program?
- All of these are components of the InfoSec governance program
- An InfoSec risk management methodology
- An InfoSec development methodology
- An InfoSec project management assessment from an outside consultant
No comments:
Post a Comment