The mission and business process level is the Tier 2. What are the various Tier 2 activities? Each
correct answer represents a complete solution. Choose all that apply.
A.
Developing an organization-wide information protection strategy and incorporating high-level
information security requirements
B.
Defining the types of information that the organization needs, to successfully execute the stated
missions and business processes
C.
Specifying the degree of autonomy for the subordinate organizations
D.
Defining the core missions and business processes for the organization
E.
Prioritizing missions and business processes with respect to the goals and objectives of the
organization
Explanation:
The mission and business process level is the Tier 2. It addresses risks from the
mission and business process perspective. It is guided by the risk decisions at Tier 1. The various
Tier 2 activities are as follows: It defines the core missions and business processes for the
organization. It also prioritizes missions and business processes, with respect to the goals and
objectives of the organization. It defines the types of information that an organization requires, to
successfully execute the stated missions and business processes. It helps in developing an
organization-wide information protection strategy and incorporating high-level information security
requirements. It specifies the degree of autonomy for the subordinate organizations.