In order to highlight to management, the importance of integrating information security in the business processes, a newly hired information security officer should FIRST:

In order to highlight to management, the importance of integrating information security in the business processes, a newly hired information security officer should FIRST:
A . prepare a security budget.
B . conduct a risk assessment.
C . develop an information security policy.
D . obtain benchmarking information.

View Answer

Answer: B

Explanation:

Risk assessment, evaluation and impact analysis will be the starting point for driving management’s attention to information security. All other choices will follow the risk assessment.