When speaking to an organization’s human resources department about information security, an information security manager should focus on the need for:

When speaking to an organization’s human resources department about information security, an
information security manager should focus on the need for:

When speaking to an organization’s human resources department about information security, an
information security manager should focus on the need for:

A.
an adequate budget for the security program.

B.
recruitment of technical IT employees.

C.
periodic risk assessments.

D.
security awareness training for employees.

Explanation:

An information security manager has to impress upon the human resources department the need
for security awareness training for all employees. Budget considerations are more of an

accounting function. The human resources department would become involved once they are
convinced for the need of security awareness training. Recruiting lT-savvy staff may bring in new
employees with better awareness of information security, but that is not a replacement for the
training requirements of the other employees. Periodic risk assessments may or may not involve
the human resources department function.



Leave a Reply 0

Your email address will not be published. Required fields are marked *