which of the following should be completed NEXT when establishing an information security program?

After obtaining commitment from senior management, which of the following should be completed
NEXT when establishing an information security program?

After obtaining commitment from senior management, which of the following should be completed
NEXT when establishing an information security program?

A.
Define security metrics

B.
Conduct a risk assessment

C.
Perform a gap analysis

D.
Procure security tools

Explanation:

When establishing an information security program, conducting a risk assessment is key to
identifying the needs of the organization and developing a security strategy. Defining security
metrics, performing a gap analysis and procuring security tools are all subsequent considerations.



Leave a Reply 0

Your email address will not be published. Required fields are marked *