Answer is A
"Information must be classified in terms of legal requirements, value, criticality and sensitivity to any unauthorised disclosure or modification, ideally classified to reflect business activity rather than inhibit or complicate"
https://www.isms.online/iso-27001/annex-a-8-asset-management/
Organization’s senior management decides the value of the data and we have to protect those accordingly.
We do not secure and put controls without senior managements’ input.
A. Legal requirements, value, criticality, and sensitivity to unauthorized disclosure or modification.
Ensuring that information is protected relative to its importance to the organization involves considering several criteria. Legal requirements, such as data protection laws and industry regulations, provide a baseline for protecting sensitive information.
This is exactly what my thinking. Information needs to be protected according to organization’s needs and not just because we want to.
upvoted 1 times
...
...
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
JAckThePip
Highly Voted 2 years, 2 months agojackdryan
1 year, 7 months agoCuteRabbit168
Highly Voted 2 years, 3 months agoRamye
Most Recent 6 months agoRamye
6 months agogeorgegeorge125487
1 year, 4 months agoBach1968
1 year, 5 months agoHughJassole
1 year, 6 months agoxxxBadManxxx
1 year, 6 months agosomkiatr
1 year, 12 months ago[Removed]
2 years, 2 months agoCww1
2 years, 3 months agogooftroop
2 years, 3 months agoRollizo
2 years, 2 months agoRamye
7 months, 1 week ago