Operation ; Performance evaluation ; Improvement ; Management responsibility

Context of the organization; Leadership ; Planning ; Support

Leadership ; Establish the ISMS ; Planning ; Support

Management responsibility ; Planning ; Support; Context of the organization

CDPA

CPDA

PDCA

DPCA

Business data that is valuable to the organization

Availability of personal data to unauthorized entities

Set of measures that ensure protection of PII from unauthorized access, disclosure, modification, or destruction.

All the above are correct

Nonavailability of Email server owing to monthly maintenance

Unavailability of network due to bandwidth bottlenecks

Accidental deletion of program files by a software programmer

All the above are security incidents

A good understanding of the information security requirements, risk assessment, and risk management

Visible support and commitment from all levels of management

Information security policy, objectives, and activities that reflect business objectives

External security consultants or technical experts