The implementation of continuous monitoring controls is the BEST option where:

The implementation of continuous monitoring controls is the BEST option where:

The implementation of continuous monitoring controls is the BEST option where:

A.
incidents may have a high impact and frequency

B.
legislation requires strong information security controls

C.
incidents may have a high impact but low frequency

D.
Electronic commerce is a primary business driver

Explanation:

Continuous monitoring control initiatives are expensive, so they have to be used in areas where
the risk is at its greatest level. These areas are the ones with high impact and high frequency of
occurrence. Regulations and legislations that require tight IT security measures focus on requiring
organizations to establish an IT security governance structure that manages IT security with a riskbased approach, so each organization decides which kinds of controls are implemented.
Continuous monitoring is not necessarily a requirement. Measures such as contingency planning
are commonly used when incidents rarely happen but have a high impact each time they happen.
Continuous monitoring is unlikely to be necessary. Continuous control monitoring initiatives are not
needed in all electronic commerce environments. There are some electronic commerce
environments where the impact of incidents is not high enough to support the implementation of
this kind of initiative.



Leave a Reply 0

Your email address will not be published. Required fields are marked *