C. Business processes and requirements
An effective information security strategy should align with the overall business objectives and support the organization's processes and requirements. Without understanding the business processes and requirements, it is difficult to develop a strategy that addresses the specific needs of the organization and aligns with its goals. A security strategy that does not align with the organization's objectives and processes is less likely to be effective in reducing risk and protecting the organization's assets.
D - Risk assessments help identify and prioritize the most significant threats to the organization, ensuring that the security strategy addresses the most critical areas first.
I am not sure but I'd go with B. Risk and business impact assessments are most important input to define current state. Business processes and requirement are most important input to define desiderate state.
The question asks about the "development" of a strategy not one that already exists in which case you could compare existing with desired states. It is definitely C
B. Current and desired state of security
Understanding the current state of security (the existing vulnerabilities, threats, and weaknesses) and the desired state of security (the goals and objectives for improved security) is fundamental to developing an effective information security strategy. Without this understanding, it's challenging to define the direction, priorities, and actions necessary to protect an organization's information assets.
By assessing the current state of security and comparing it to the desired state, organizations can determine the necessary steps and initiatives to bridge the gaps and achieve their security goals. This analysis helps in setting priorities, allocating resources, and creating a roadmap for implementing security controls and measures.
Most important input would be the target identified by gap analysis. Without this you can't build a strategy even if you know what the business processes and requirements are.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
mohit05
Highly Voted 1 year, 10 months agoBooict
Most Recent 2 months, 3 weeks agoSalilgen
8 months, 2 weeks agoMarcovic00
1 year agosecdoc
1 year, 1 month agokoala_lay
1 year, 2 months agoCert_IT
1 year, 2 months agooluchecpoint
1 year, 2 months agokoala_lay
1 year, 2 months agoGoseu
1 year, 4 months ago45
1 year, 4 months agorichck102
1 year, 4 months agowello
1 year, 5 months agoDravidian
1 year, 7 months agoCarlPTY07
1 year, 8 months ago