Effective Security Governance

Question 1

Which term refers to advice or information provided by a person or group with the expertise to address a problem or make improvements?
A. Operating procedures
B. Policies
C. Consulting
D. Guidance

Answer 1

D. Guidance

Question 2

What allows an information technology staff to be consistent and systematic by specifying the use of certain technologies in a uniform way, because no one individual practitioner can know everything?
A. Policies
B. Guidance
C. Procedures
D. Standards

Answer 2

D. Standards

Question 3

What describes the actions an organization takes to comply with those rules and policies as part of its operations?
A. External steering committee
B. External chief officers
C. External board of directors
D. External regulatory compliance

Answer 3

D. External regulatory compliance

Question 4

Which stakeholders, also referred to as controllers, maintain the assets from a technical and operational perspective?
A. Stewards
B. Owners
C. Processors
D. Custodians

Answer 4

D. Custodians

Question 5

What are the step-by-step instructions that define how workers carry out routine tasks to greatly improve efficiency, quality, and performance?
A. Standards
B. Policies
C. Standard operating procedures
D. Best practices

Answer 5

C. Standard operating procedures

Question 6

What is a group of key organizational stakeholders that makes determinations regarding an organization’s priorities of order of business, and manages its operations general counsel?
A. Steering committee
B. Board of Directors
C. C-suite
D. Centralized governance

Answer 6

A. Steering committee