Which of the following will BEST ensure that information security risk factors are mitigated when developing in-house applications?

Questions › Category: CRISC › Which of the following will BEST ensure that information security risk factors are mitigated when developing in-house applications?

0 Vote Up Vote Down

Admin Staff asked 7 months ago

Which of the following will BEST ensure that information security risk factors are mitigated when developing in-house applications?

A. Include information security control specifications in business cases.

B. Identify key risk indicators (KRIs) as process output.

C. Identify information security controls in the requirements analysis.

D. Design key performance indicators (KPIs) for security in system specifications.








 

Suggested Answer: C



This question is in CRISC exam 
For getting Risk and Information Systems Control Certificate


Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by ISACA.
The website does not contain actual questions and answers from ISACA's Certification Exams.
Trademarks, certification & product names are used for reference only and belong to ISACA.

Which of the following will BEST ensure that information security risk factors are mitigated when developing in-house applications?

An application owner has specified the acceptable downtime in the event of an incident to be much lower than the actual time required for the response team to recover the application. Which of the following should be the NEXT course of action?

A key risk indicator (KRI) is reported to senior management on a periodic basis as exceeding thresholds, but each time senior management has decided to take no action to reduce the risk. Which of the following is the MOST likely reason for senior management's response?

AZ-104 Practice Test Free

Recommended

AZ-104 Practice Test Free

Cisco IOS Popular Commands

Linux Professional Institute LPIC-2 Certificate

Linux Professional Institute LPIC-1 Certificate

Cisco Certified DevNet Associate Certificate

AWS Certified Cloud Practitioner Certificate

Welcome Back!

Create New Account!

Retrieve your password

Which of the following will BEST ensure that information security risk factors are mitigated when developing in-house applications?

An application owner has specified the acceptable downtime in the event of an incident to be much lower than the actual time required for the response team to recover the application. Which of the following should be the NEXT course of action?

A key risk indicator (KRI) is reported to senior management on a periodic basis as exceeding thresholds, but each time senior management has decided to take no action to reduce the risk. Which of the following is the MOST likely reason for senior management's response?

AZ-104 Practice Test Free

Related Questions

Recommended

AZ-104 Practice Test Free

Cisco IOS Popular Commands

Linux Professional Institute LPIC-2 Certificate

Linux Professional Institute LPIC-1 Certificate

Cisco Certified DevNet Associate Certificate

AWS Certified Cloud Practitioner Certificate

Welcome Back!

Create New Account!

Retrieve your password