Which of the following is the MOST important consideration for an IS auditor when assessing the adequacy of an organization's information security policy?
While alignment with the IT tactical plan (option B) is important for ensuring that the information security policy supports the organization's IT goals and strategies, ultimately, the information security policy should align with and support the broader business objectives of the organization.
The information security policy should be designed to protect the organization's critical assets, data, and operations in alignment with its business goals and priorities. It should address the specific risks and threats faced by the organization's business operations and support the achievement of strategic objectives while maintaining the confidentiality, integrity, and availability of information assets.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Swallows
1 month agoChangwha
11 months, 2 weeks ago