Scenario: You are the CISO and have just completed your first risk assessment for your organization. You find many risks with no security controls, and some risks with inadequate controls. You assign work to your staff to create or adjust existing security controls to ensure they are adequate for risk mitigation needs.
When adjusting the controls to mitigate the risks, how often should the CISO perform an audit to verify the controls?

A. Never

B. Quarterly

C. Annually

D. Semi-annually








 

Suggested Answer: A

Community Answer: C




This question is in 712-50 EC-Council Certified CISO (CCISO) Exam
For getting EC-Council Certified CISO (CCISO) Certificate




Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by EC-Council.
Trademarks, certification & product names are used for reference only and belong to EC-Council.
The website does not contain actual questions and answers from EC-Council's Certification Exam.