Scenario: A Chief Information Security Officer (CISO) recently had a third party conduct an audit of the security program. Internal policies and international standards were used as audit baselines. The audit report was presented to the CISO and a variety of high, medium and low rated gaps were identified.
Which of the following is the FIRST action the CISO will perform after receiving the audit report?

A. Inform peer executives of the audit results

B. Validate gaps and accepts or dispute the audit findings

C. Create remediation plans to address program gaps

D. Determine if security policies and procedures are adequate








 

Suggested Answer: B





This question is in 712-50 Certified CISO (CCISO) Exam
For getting Certified CISO (CCISO)







Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by EC-Council. 
Trademarks, certification & product names are used for reference only and belong to EC-Council.
The website does not contain actual questions and answers from EC-Council's Certification Exams.