What is the BEST way for an information security manager to improve the effectiveness of risk management in an organization that currently manages risk at the departmental level?
A.
Deploy security risk management software in all departments.
B.
Determine whether the organization has defined its risk tolerance and risk appetite.
C.
Subscribe to external risk reports relevant to each department.
D.
Propose that security risk be integrated under a common risk register.
Its D to avoid duplication if efforts and achieving efficiency gains by applying measures organization wide. B is also very important to have a common ground of risk appetite.
D - Centralizing risk information fosters better coordination, visibility, and holistic risk assessment.
upvoted 2 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Josef4CISM
1 month, 1 week agoServerBrain
4 months, 1 week agoBooict
7 months, 2 weeks ago