which of the following is the second step that needs to take place?

When developing a physical security program which of the following is the second step that needs to take place?

When developing a physical security program which of the following is the second step that needs to take place?

A.
Identify a team of internal employees and/or external consultants who will build the physical security program through the following steps.

B.
Work with management to define an acceptable risk level for the physical security program.

C.
Derive the required performance baselines from the acceptable risk level.

D.
Carry out a risk analysis to identify the vulnerabilities and threats and to calculate the business impact of each threat.

E.
Create countermeasure performance metrics.

Explanation:
When developing a security program, the follow steps should take
place in this order;
1. Identify a team of internal employees and/or external consultants who will build
the physical security program through the following steps.
2. Carry out a risk analysis to identify the vulnerabilities and threats and to
calculate the business impact of each threat.
3. Work with management to define an acceptable risk level for the physical security
program.
4. Derive the required performance baselines from the acceptable risk level.
5. Create countermeasure performance metrics.

Show Hint

Leave a Reply 2

Your email address will not be published. Required fields are marked *

CJM

CJM

Shon Harris’ book says “D” is the correct answer. “Show Answer” says “C” is the correct answer. I am confused.

Reply

admin

admin

Based on the question, the correct answer is D: Carry out a risk analysis to identify the vulnerabilities and threats and to calculate the business impact of each threat.
Fixed.

Reply