What should be an information security manager's MOST important consideration when reviewing a proposed upgrade to a business unit's production database?
A.
Ensuring the application inventory is updated
B.
Ensuring residual risk is within appetite
C.
Ensuring a cost-benefit analysis is completed
D.
Ensuring senior management is aware of associated risk
The information security manager's MOST important consideration when reviewing a proposed upgrade to a business unit's production database is ensuring residual risk is within the organization's risk appetite. Upgrades to production databases can pose a significant risk to an organization's data, and it is essential to ensure that any residual risk is acceptable to the organization. A cost-benefit analysis and updating the application inventory are also essential considerations, but they are secondary to ensuring that residual risk is within the organization's risk appetite. Similarly, senior management should be made aware of the associated risk, but this is not the most important consideration.
The keyword are "consideration" and "reviewing", letting senior management know is not considering or reviewing. But ensuring that residual risk is within appetite is. Thus why it's (B).
upvoted 3 times
...
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
richck102
1 month, 1 week agoAbhey
2 months, 4 weeks agodedfef
3 months, 2 weeks agoMyKasala
6 months agoaokisan
7 months agodark_3k03r
2 months ago