A security manager is preparing a report to obtain the commitment of executive management to a security program. Inclusion of which of the following would be of MOST value?

Posted by: Pdfprep Category: CISM Tags: , ,

A security manager is preparing a report to obtain the commitment of executive management to a security program. Inclusion of which of the following would be of MOST value?
A . Examples of genuine incidents at similar organizations
B . Statement of generally accepted best practices
C . Associating realistic threats to corporate objectives
D . Analysis of current technological exposures

Answer: C

Explanation:

Linking realistic threats to key business objectives will direct executive attention to them. All other options are supportive but not of as great a value as choice C when trying to obtain the funds for a new program.

Leave a Reply

Your email address will not be published.