CNET251 Chapt 3 Governance & Strategic Planning for Security

Which of the following is used to declare the intended areas of operation for a business?

Organizational planning should make use of a bottom-up process in which the employees choose the initiatives the organization should pursue.

A multilayered approach to strategic planning encompasses two key objectives: general strategy and which of the following?

Which of the following best describes a stakeholder?

Which of the following is used to establish a formal set of organizational principles and qualities for an organization?

Which phase of the CGTF framework involves determining where you are relative to where you want to be?

InfoSec objectives must be addressed at the highest levels of an organization's management team in order to be effective and offer a sustainable approach.

According to the IDEAL framework, which functional role should be responsible for communicating policies to employees and coordinate training?

Which of the following governance processes, as outlined in ISO 27014:2013, involves the review and assessment of organizational information security performance toward goals and objectives by the governing body?

Why is the bottom-up approach less effective than the top-down approach?