The MAIN reason why asset classification is important to a successful information security
program is because classification determines:
A.
the priority and extent of risk mitigation efforts.
B.
the amount of insurance needed in case of loss.
C.
the appropriate level of protection to the asset.
D.
how protection levels compare to peer organizations.
Explanation:
Protection should be proportional to the value of the asset. Classification is based upon the value
of the asset to the organization. The amount of insurance needed in case of loss may not be
applicable in each case. Peer organizations may have different classification schemes for their
assets.