While implementing information security governance an organization should FIRST:

Posted by: Pdfprep Category: CISM Tags: , ,

While implementing information security governance an organization should FIRST:
A . adopt security standards.
B . determine security baselines.
C . define the security strategy.
D . establish security policies.

Answer: C

Explanation:

The first step in implementing information security governance is to define the security strategy based on which security baselines are determined. Adopting suitable security- standards, performing risk assessment and implementing security policy are steps that follow the definition of the security strategy.

Leave a Reply

Your email address will not be published.