CISM question 33 discussion


While implementing information security governance an organization should FIRST:

  • A. adopt security standards.
  • B. determine security baselines.
  • C. define the security strategy.
  • D. establish security policies.
Created 2 months, 4 weeks ago by ciwuoha


B. determine security baseline


D. is a better answer. Implementing information security governance is dependent on the establishment of a Security Policy.