The MOST important reason for formally documenting secu…

The MOST important reason for formally documenting security procedures is to ensure:

The MOST important reason for formally documenting security procedures is to ensure:

A.
processes are repeatable and sustainable.

B.
alignment with business objectives.

C.
auditability by regulatory agencies.

D.
objective criteria for the application of metrics.

Explanation:

Without formal documentation, it would be difficult to ensure that security processes are performed in the proper manner every time that they are performed. Alignment with business objectives is not a function of formally documenting security procedures. Processes should not be formally documented merely to satisfy an audit requirement. Although potentially useful in the development of metrics, creating formal documentation to assist in the creation of metrics is a secondary objective.



Leave a Reply 0

Your email address will not be published. Required fields are marked *