Isaca COBIT-Design-and-Implementation Exam - Topic 3 Question 12 Discussion

Actual exam question for Isaca's COBIT-Design-and-Implementation exam
Question #: 12
Topic #: 3

After a bank experienced cyber attacks that severely impacted operations and raised questions from regulators, the board mandated the newly hired CIO to implement global best practices to mitigate this risk. The CIO is using COBIT 2019 to tailor the governance system and has identified high threat landscape as a critical design factor. Which of the following should the CIO identify NEXT?

Suggested Answer: A

After identifying a high threat landscape as a critical design factor, the CIO should next identify security-related processes. This step ensures that the governance system includes robust processes to manage and mitigate security risks.

In a high-threat landscape, focusing on security-related processes is essential to protect the enterprise's information assets and mitigate potential risks. These processes include incident management, vulnerability management, and access control, among others.

COBIT 2019 Framework Reference:

COBIT 2019 Framework: Governance and Management Objectives, APO13 Managed Security: This objective


Anissa
3 months ago
Wow, I didn't realize COBIT could be tailored like that!
upvoted 0 times
...
Kris
3 months ago
I thought technology personnel would be the priority here.
upvoted 0 times
...
Carma
3 months ago
Security-related processes are key for a solid foundation.
upvoted 0 times
...
Lachelle
4 months ago
Wait, shouldn't IT security solutions come first?
upvoted 0 times
...
Kimbery
4 months ago
Definitely need to focus on risk management practices!
upvoted 0 times
...
Sommer
4 months ago
I feel like technology personnel should be considered, but I’m leaning towards risk management practices as the next step. It’s all about understanding the threats first, right?
upvoted 0 times
...
Noel
4 months ago
I practiced a similar question where we had to prioritize actions after a security breach. I think IT security solutions could be the right choice here.
upvoted 0 times
...
Adelina
4 months ago
I'm not entirely sure, but I think identifying security-related processes might be crucial too. They could help in addressing the immediate vulnerabilities.
upvoted 0 times
...
Skye
5 months ago
I remember discussing the importance of risk management practices in class, especially after a cyber attack. It seems like a logical next step.
upvoted 0 times
...
Elin
5 months ago
I think the answer is B - risk management practices. The question specifically mentions the CIO needs to mitigate the cyber risk, so that seems like the most relevant next step after identifying security processes.
upvoted 0 times
...
Mirta
5 months ago
Okay, let me think this through. The CIO is using COBIT 2019, so I should probably look at the key design factors and see which one aligns best with the next step.
upvoted 0 times
...
Dorothy
5 months ago
Hmm, I'm a bit unsure here. The question mentions a high threat landscape, so I'm wondering if risk management practices might be the next logical step after identifying security processes.
upvoted 0 times
...
Marcelle
5 months ago
This seems like a straightforward question about implementing COBIT 2019 to address cyber risk. I'd focus on identifying the key security-related processes that need to be tailored.
upvoted 0 times
...
Franklyn
5 months ago
This seems like a straightforward question on risk assessment methods. I'm pretty confident I can identify the correct approach based on the description.
upvoted 0 times
...
Catherin
1 year ago
Security, risk, and processes - that's the holy trinity of cybersecurity. Better get it right, CIO!
upvoted 0 times
...
Dallas
1 year ago
Hah, technology personnel? Really? The CIO's gotta be on top of their game to handle this one.
upvoted 0 times
Blythe
1 year ago
C) IT security solutions
upvoted 0 times
...
Lisha
1 year ago
B) Risk management practices
upvoted 0 times
...
Kassandra
1 year ago
A) Security-related processes
upvoted 0 times
...
...
Tammy
1 year ago
I believe risk management practices should be the next priority, as they help in identifying and addressing potential threats.
upvoted 0 times
...
Paris
1 year ago
Hmm, I'm not so sure. I think the CIO should look at IT security solutions first. That's the real meat of the issue, right?
upvoted 0 times
Christene
1 year ago
Definitely, the CIO should consider both IT security solutions and risk management practices.
upvoted 0 times
...
Eden
1 year ago
Yes, but risk management practices are also crucial in addressing cyber threats.
upvoted 0 times
...
Adell
1 year ago
D) Technology personnel
upvoted 0 times
...
Tamala
1 year ago
I agree, IT security solutions should be the priority.
upvoted 0 times
...
Ryann
1 year ago
D) Technology personnel
upvoted 0 times
...
Cherry
1 year ago
C) IT security solutions
upvoted 0 times
...
Angelyn
1 year ago
B) Risk management practices
upvoted 0 times
...
Goldie
1 year ago
C) IT security solutions
upvoted 0 times
...
Billye
1 year ago
A) Security-related processes
upvoted 0 times
...
Lisbeth
1 year ago
B) Risk management practices
upvoted 0 times
...
Reita
1 year ago
A) Security-related processes
upvoted 0 times
...
...
Penney
1 year ago
I agree with Arthur, focusing on security processes is crucial in mitigating cyber risks.
upvoted 0 times
...
Howard
1 year ago
I agree, risk management is crucial here. But don't forget about security-related processes - those will be key too.
upvoted 0 times
Tomoko
1 year ago
D) Technology personnel
upvoted 0 times
...
Beatriz
1 year ago
C) IT security solutions
upvoted 0 times
...
Dorothea
1 year ago
B) Risk management practices
upvoted 0 times
...
Viola
1 year ago
A) Security-related processes
upvoted 0 times
...
...
Arthur
1 year ago
I think the CIO should identify security-related processes next.
upvoted 0 times
...
Dorothy
1 year ago
The CIO should definitely identify risk management practices as the next step. That's the foundation for everything else.
upvoted 0 times
Bok
1 year ago
B) Risk management practices
upvoted 0 times
...
Catarina
1 year ago
A) Security-related processes
upvoted 0 times
...
...
