Answer B)
Keyword in question is "plan" and the only sentence that refers to a plan is "The objectives for the control assessments and a detailed roadmap of how to conduct such assessments."
The MAIN purpose of a security assessment plan is:
B. Provide the objectives for the security and privacy control assessments and a detailed roadmap of how to conduct such assessments.
A security assessment plan outlines the objectives, scope, methodology, and approach for conducting security and privacy control assessments within an organization. Its primary purpose is to provide a clear roadmap and guidance on how to assess and evaluate the effectiveness of security controls in place.
B: "The objectives for the control assessments and a detailed roadmap of how to conduct such assessments."
https://csrc.nist.gov/glossary/term/assessment_plan
Clearly the answer is B here. Before conducting a security assessment, you need to know the objectives of that assessment, and all objectives must be SMART (Specific, Measurable, Attainable/Achievable, Relevant, Time-bound).
B could be right, but D sounds right too
I have been engaged with a few initiatives where executives want to conduct security assessments and see if it's financially viable to kick off the project or not.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
YesPlease
11 months, 3 weeks agoBach1968
1 year, 4 months agoHughJassole
1 year, 5 months agoHughJassole
1 year, 6 months agoSSimko
10 months agoJamati
2 years agojackdryan
1 year, 6 months agoRollizo
2 years, 1 month agodev46
2 years, 2 months agofranbarpro
2 years, 1 month agoCuteRabbit168
2 years, 2 months agoDERCHEF2009
2 years, 2 months agoDERCHEF2009
2 years, 2 months ago