Which of the following should be included in an annual information security budget that is submitted for management approval?

Which of the following should be included in an annual information security budget that is
submitted for management approval?

Which of the following should be included in an annual information security budget that is
submitted for management approval?

A.
A cost-benefit analysis of budgeted resources

B.
All of the resources that are recommended by the business

C.
Total cost of ownership (TC’O)

D.
Baseline comparisons

Explanation:

A brief explanation of the benefit of expenditures in the budget helps to convey the context of how
the purchases that are being requested meet goals and objectives, which in turn helps build
credibility for the information security function or program. Explanations of benefits also help
engage senior management in the support of the information security program. While the budget
should consider all inputs and recommendations that are received from the business, the budget
that is ultimately submitted to management for approval should include only those elements that
are intended for purchase. TC’O may be requested by management and may be provided in an
addendum to a given purchase request, but is not usually included in an annual budget. Baseline
comparisons (cost comparisons with other companies or industries) may be useful in developing a
budget or providing justification in an internal review for an individual purchase, but would not be
included with a request for budget approval.



Leave a Reply 0

Your email address will not be published. Required fields are marked *