Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Isc Discussions
exam questions

Exam CISSP All Questions

View all questions & answers for the CISSP exam
Go to Exam

Exam CISSP topic 1 question 355 discussion

Actual exam question from ISC's CISSP
Question #: 355
Topic #: 1
[All CISSP Questions]

What is the MOST appropriate hierarchy of documents when implementing a security program?

  • A. Policy, organization principle, standard, guideline
  • B. Standard, policy, organization principle, guideline
  • C. Organization principle, policy, standard, guideline
  • D. Organization principle, guideline, policy, standard
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Nickolos at Sept. 9, 2022, 10:04 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Nickolos
Highly Voted 2 years, 2 months ago
Pretty sure policy > standard
upvoted 10 times
jackdryan
1 year, 6 months ago
C is correct
upvoted 1 times
...
DERCHEF2009
2 years, 2 months ago
yes. So i think its C
upvoted 2 times
...
...
YesPlease
Most Recent 11 months, 1 week ago
Selected Answer: C
Answer C) https://complianceforge.com/grc/hierarchical-cybersecurity-governance-framework/
upvoted 1 times
...
HughJassole
1 year, 5 months ago
This question doesn't say which way the order goes, and I think "organization principle" is missing letters or should be something else. I searched extensively and found this hierarachy, with Policy on the bottom as the widest and Guideline on top: https://www.linkedin.com/pulse/information-security-policy-hierarchy-branden-rowe/ So I'm thinking A. https://informationshield.com/2014/10/27/security-policies-standard-and-procedures-whats-the-difference/
upvoted 1 times
...
Goseu
1 year, 7 months ago
Standard > Policy , answer is correct
upvoted 1 times
...
SaintDaSinner
1 year, 9 months ago
Selected Answer: C
Org. Principle- Policy- Standard- Guideline...
upvoted 1 times
...
Dee83
1 year, 10 months ago
C. Organization principle, policy, standard, guideline
upvoted 1 times
...
oudmaster
1 year, 11 months ago
I believe by Organization Principles they means Security Governance Principles. If so, then yes it comes before the policy. Governance Principles is used to write the security policy.
upvoted 1 times
...
pingundas
2 years, 1 month ago
Regulations and legislations are #1. Then the have corp. policy, standards, procedures, and guides.
upvoted 1 times
...
johnywolker
2 years, 1 month ago
Selected Answer: C
https://frsecure.com/blog/differentiating-between-policies-standards-procedures-and-guidelines/
upvoted 2 times
...
Rollizo
2 years, 1 month ago
Selected Answer: C
it is C
upvoted 3 times
...
CuteRabbit168
2 years, 1 month ago
Selected Answer: C
Reference: https://www.linkedin.com/pulse/understanding-hierarchy-principles-policies-standards-wally-beddoe
upvoted 1 times
...
spam4pl
2 years, 2 months ago
Selected Answer: C
policy standards guidelines so C
upvoted 4 times
...
stickerbush1970
2 years, 2 months ago
Selected Answer: B
B is the closest. Information Security Policies are high-level business rules that the organization agrees to follow that reduce risk and protect information. They define “what” the organization is going to do and often “who” is going to do it. Information Security Standards provide more specific details that enable policies to be implemented within the organization using different technologies. For example, an Information Disposal Standard would define how various type of media are destroyed to implement a policy. Information Security Procedures are step-by-step instructions that people will follow to implement policies (or even standards.) Procedures provide the “how” – where an information security control is translated into a business process.
upvoted 1 times
bherto39
2 years, 2 months ago
for the hierarcy Isnt it Policy -> standards ->guidelines and then procedures. isnt it C then?
upvoted 3 times
...
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel