59%(73)43 out of 73 people found this document helpful
This preview shows page 4 - 6 out of 16 pages.
2.00000 points Save AnswerQUESTION 27Although it is impossible to eliminate all business risks, a good policy can reduce the likelihood of riskoccurring or reduce its impact. A business must find a way to balance a number of competing drivers.Which of the following is not one of these drivers?costcustomer satisfactioncomplianceregulation2.00000 points Save AnswerSave AnswerQUESTION 28Business liability insurance, which will pay for losses within the limits of the policy and lower thefinancial loss to the business in the event of an incident, is exclusively available to organizations.2.00000 points Save Answer
3/11/2018Take Test: Mid-Term Exam – 2018_SPR_MAIN_Operations ...;5/16QUESTION 29Creating an accurate inventory is a challenge, given the speed at which data files are created, deleted,moved, and changed. It is therefore recommend that an organization prioritize the inventory of assets,starting with the least sensitive to most sensitive.2.00000 points Save AnswerSave AnswerQUESTION 30An organization mandates use of the firewall, which stops all traffic to the Internet except for Webbrowsing and company e-mail. For this control, the question concerning security being addressed is,“What type of protection will be achieved?”2.00000 points Save AnswerQUESTION 31Of the many factors one must consider to ensure security policies and controls align with regulations;________________________ is/are important to demonstrate coverage of regulatory requirementsbecause they show the importance of each security control.evidenceinventoriessecurity control mappingsbusiness requirements2.00000 points Save AnswerQUESTION 32In January 2013, two important changes were made to ___________________. First, it became easier2.00000 points Save AnswerSave AnswerQUESTION 33The Sarbanes-Oxley (SOX) Act became law in 2002, and it was enacted in reaction to a series ofaccusations of corporate fraud. The basic idea behind SOX 404 is to recommend security policies andcontrols that provide confidence in the accuracy of financial statements. There are many critics whoargue that the act does not go far enough in describing how a company should report earnings,valuations, corporate responsibilities, and executive compensation.