The MOST important reason for formally documenting security procedures is to ensure:

The MOST important reason for formally documenting security procedures is to ensure:

The MOST important reason for formally documenting security procedures is to ensure:

A.
processes are repeatable and sustainable.

B.
alignment with business objectives.

C.
auditability by regulatory agencies.

D.
objective criteria for the application of metrics.

Explanation:

Without formal documentation, it would be difficult to ensure that security processes are performed
in the proper manner every time that they are performed. Alignment with business objectives is not
a function of formally documenting security procedures. Processes should not be formally
documented merely to satisfy an audit requirement. Although potentially useful in the development
of metrics, creating formal documentation to assist in the creation of metrics is a secondary
objective.



Leave a Reply 0

Your email address will not be published. Required fields are marked *