Posted by: Pdfprep
Post Date: November 17, 2020
Scenario: You are the CISO and are required to brief the C-level executive team on your information security audit for the year. During your review of the audit findings you discover that many of the controls that were put in place the previous year to correct some of the findings are not performing as needed. You have thirty days until the briefing.
To formulate a remediation plan for the non-performing controls what other document do you need to review before adjusting the controls?
A . Business Continuity plan
B . Security roadmap
C . Business Impact Analysis
D . Annual report to shareholders
Answer: C
Leave a Reply