Exam CISSP topic 1 question 56 discussion

HR would be the only people to initiate a request, surely?

A is correct. Operation as a process owner should give requirement to IT. HR is responsible for access control provision not business process provision.

The correct answer is C. Human resources (HR). Human Resources (HR) typically initiates the request, approval, and provisioning business process. This department is responsible for managing employee-related processes, including onboarding, access provisioning, and other administrative tasks Option A, "Operations," is incorrect because the Operations department typically focuses on the day-to-day activities and processes that keep the organization running smoothly. While Operations may be involved in the provisioning process, they are not usually the ones who initiate the request, approval, and provisioning business process12. Human Resources (HR) is the department that usually initiates these processes, especially when it comes to employee-related activities such as onboarding, access provisioning, and other administrative tasks

Since when do IT initiate request? Did they hire the person? 100% HR

The request, approval, and provisioning business process is typically initiated by the Human Resources (HR) department, especially in relation to employee onboarding, role changes, and termination

The Human Resources (HR) department typically initiates the request, approval, and provisioning process for new employees, contractors, or changes in access for existing staff. This is because HR is responsible for managing personnel-related information, including hiring, onboarding, role changes, and terminations, which directly impact access requirements.

A - COO, Chief Operation Office will align Organization's objectives, business objective to IT and Security. not HR, HR will receive certain policies, processes and procedures from COO.

It is always HR which initiates the provisioning. HR is responsible for ensuring that new employees have the necessary access and resources to perform their job functions, which includes initiating requests for system access, equipment, and other provisions. Operations might do it but not initiate.

In mot companies there is no Operations department, this is a canned CISSP answer and this is the answer they want for the test, so this is the answer we must use. It does not apply to the real world.

This is an example of a badly worded question because there is no context of what a business process could be in reference to; examples of business process could be (not limited to): Onboarding/Offboarding employees (HR) Budget allocation/Procurement (Finance) Marketing campaigns (Marketing) Strategic Planning (Management) Hardware and Software Procurement, enhancements, updates, adaptation (IT) Incident response, Vulnerability management, Security awareness training (Security)

C. Human resources (HR) The Human Resources (HR) department typically initiates the request, approval, and provisioning business process for tasks related to employee onboarding, offboarding, access requests, and other personnel-related activities. This process involves requesting access to systems, applications, and resources for new hires or making changes to existing employees' access levels. After HR initiates the request, it is often passed on to the IT department for further action.

A is correct folks are amazing who is answering C lol.

HR is the home office for all operations approvals and requests. Even CEO need to run things through HR for legal purposes.

to me, this answer should be C, why? maybe because i understand the following, in my company the power is withing the HR department, any Process that need to be implemented, must start , regardless who sign it for governing the process even if it is me, if the HR VP say no, i say no. so i really think this is a gray area question. it is important to note, it depend on the organization, or the bylaws of the company, however, never ever run a business from an IT perspective, you will brake your company, business has needs, IT is a service provided, they align systems with business needs. this is a golden rule every one keep it in mind.

Information technology (IT). In the modern business world, IT departments are typically responsible for initiating, approving, and provisioning business processes. IT departments manage a company's technology resources, such as hardware, software, networks, and data systems. They use these resources to streamline and automate business processes, including requesting, approving, and provisioning. Additionally, IT departments are often responsible for ensuring that the right people have access to the right resources and that the resources are secure. Resources: - https://www.techopedia.com/definition/25515/business-process-automation - https://www.globalknowledge.com/us-en/content/what-is-it-department/

Initiate, start the process. I would say Operations is the best answer. HR may be an approver and provisioner but the main initiator imo

Answer is C