Developing a successful business case for the acquisition of information security software products can BEST be assisted by:

Posted by: Pdfprep Category: CISM Tags: , ,

Developing a successful business case for the acquisition of information security software products can BEST be assisted by:
A . assessing the frequency of incidents.
B . quantifying the cost of control failures.
C . calculating return on investment (ROD projections.
D . comparing spending against similar organizations.

Answer: C

Explanation:

Calculating the return on investment (ROD will most closely align security with the impact on the bottom line. Frequency and cost of incidents are factors that go into determining the impact on the business but, by themselves, are insufficient. Comparing spending against similar organizations can be problematic since similar organizations may have different business goals and appetites for risk.

Leave a Reply

Your email address will not be published.