Which of the following should be the FIRST step in developing an information security plan?

Which of the following should be the FIRST step in developing an information security plan?

Which of the following should be the FIRST step in developing an information security plan?

A.
Perform a technical vulnerabilities assessment

B.
Analyze the current business strategy

C.
Perform a business impact analysis

D.
Assess the current levels of security awareness

Explanation:

Prior to assessing technical vulnerabilities or levels of security awareness, an information security
manager needs to gain an understanding of the current business strategy and direction. A
business impact analysis should be performed prior to developing a business continuity plan, but
this would not be an appropriate first step in developing an information security strategy because it
focuses on availability.

Show Hint

Leave a Reply 2

Your email address will not be published. Required fields are marked *

Chris

Chris

Can I take this exam even if I did not take the training?

Reply

dasharath

dasharath

Yes, As long as you are confident enough to clear exam

Reply