Home CASP+ CAS-003 Question 36

Question 36

0
35

The risk subcommittee of a corporate board typically maintains a master register of the most prominent risks to the company. A centralized holistic view of risk is particularly important to the corporate Chief Information Security Officer (CISO) because:

A. IT systems are maintained in silos to minimize interconnected risks and provide clear risk boundaries used to implement compensating controls

B. risks introduced by a system in one business unit can affect other business units in ways in which the individual business units have no awareness

C. corporate general counsel requires a single system boundary to determine overall corporate risk exposure

D. major risks identified by the subcommittee merit the prioritized allocation of scare funding to address cybersecurity concerns

Correct Answer: B

NO COMMENTS