Which of the following would BEST assist an information…

Which of the following would BEST assist an information security manager in measuring the existing level of
development of security processes against their desired state?

Which of the following would BEST assist an information security manager in measuring the existing level of
development of security processes against their desired state?

A.
Security audit reports

B.
Balanced scorecard

C.
Capability maturity model (CMM)

D.
Systems and business security architecture

Explanation:

The capability maturity model (CMM) grades each defined area of security processes on a scale of 0 to 5 based on their maturity, and is commonly used by entities to measure their existing state and then determine the desired one. Security audit reports offer a limited view of the current state of security. Balanced scorecard is a document that enables management to measure the implementation of their strategy and assists in its translation into action. Systems and business security architecture explain the security architecture of an entity in terms of business strategy, objectives, relationships, risks, constraints and enablers, and provides a business-driven and business-focused view of security architecture.



Leave a Reply 0

Your email address will not be published. Required fields are marked *