Home » Isaca » CISM » When an information security manager is developing a strategic plan for information security, the timeline for the plan should be:
When an information security manager is developing a strategic plan for information security, the timeline for the plan should be:
A. aligned with the IT strategic plan.
B. based on the current rate of technological change.
C. three-to-five years for both hardware and software.
D. aligned with the business strategy.
Correct Answer: D
Explanation/Reference:
Explanation:
Any planning for information security should be properly aligned with the needs of the business. Technology should not come before the needs of the business, nor should planning be done on an artificial timetable that ignores business needs.
|
Download Printable PDF. VALID exam to help you PASS.
|
 |
