Isaca Certified in the Governance of Enterprise IT Exam CGEIT Question # 78 Topic 8 Discussion
A global financial enterprise has been experiencing a substantial number of information security incidents that have directly affected its business reputation. Which of the following should be the IT governance board's FIRST course of action?
A. Require revisions to how security incidents are managed by the IT department.
B. Request an IT security assessment to identify the main security gaps.
C. Execute an IT maturity assessment of the security process.
D. Mandate an update to the enterprise's IT security policy.
Requesting an IT security assessment to identify the main security gaps is the IT governance board’s first course of action, as it helps to understand the root causes and the extent of the information security incidents that have affected the enterprise’s business reputation. An IT security assessment can also provide recommendations and best practices for improving the security posture and reducing the risks of future incidents.
References: CGEIT Exam Content Outline, Domain 4, Subtopic B: IT Risk Management, Task 1: Ensure that an IT risk management framework exists to identify, analyze, mitigate, manage, monitor, and communicate IT-related business risk, and that the framework for IT risk management is in alignment with the enterprise risk management (ERM) framework.