Wwwvcepluscom vce exam simulator download a vce

This preview shows page 762 - 765 out of 839 pages.

- VCE Exam Simulator - Download A+ VCE (latest) free Open VCE Exams - VCE to PDF Converter - PDF Online
QUESTION 639
In an organization, the responsibilities for IT security are clearly assigned and enforced and an IT security risk and impact analysis is consistently performed. This represents which level of ranking in the information security governance maturity model?

A. Optimized
B. Managed
C. Defined
D. Repeatable

Correct Answer: B
Section: Protection of Information Assets

Explanation:
Boards of directors and executive management can use the information security governance maturity model to establish rankings for security in their organizations. The ranks are nonexistent, initial, repeatable, defined, managed and optimized. When the responsibilities for IT security in an organization are clearly assigned and enforced and an IT security risk and impact analysis is consistently performed, it is said to be 'managed and measurable.'

QUESTION 640
To aid management in achieving IT and business alignment, an IS auditor should recommend the use of:

A. control self-assessments.
B. a business impact analysis.
C. an IT balanced scorecard.
D. business process reengineering.

Correct Answer: C
Section: Protection of Information Assets

Explanation:
An IT balanced scorecard (BSC) provides the bridge between IT objectives and business objectives by supplementing the traditional financial evaluation with measures to evaluate customer satisfaction, internal processes and the ability to innovate. Control self-assessment (CSA), business impact analysis (BIA) and business process reengineering (BPR) are insufficient to align IT with organizational objectives.

QUESTION 641
When reviewing the IT strategic planning process, an IS auditor should ensure that the plan:

A. incorporates state of the art technology.
B. addresses the required operational controls.
C. articulates the IT mission and vision.
D. specifies project management practices.

Correct Answer: C
Section: Protection of Information Assets

Explanation:
The IT strategic plan must include a clear articulation of the IT mission and vision. The plan need not address the technology, operational controls or project management practices.

QUESTION 642
When developing a formal enterprise security program, the MOST critical success factor (CSF) would be the:

A. establishment of a review board.
B. creation of a security unit.
C. effective support of an executive sponsor.
D. selection of a security process owner.

Correct Answer: C
Section: Protection of Information Assets

Explanation:
The executive sponsor would be in charge of supporting the organization's strategic security program, and would aid in directing the organization's overall security management activities. Therefore, support by the executive level of management is the most critical success factor (CSF). None of the other choices are effective without visible sponsorship of top management.
