Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Isaca Exam NIST-COBIT-2019 Topic 3 Question 9 Discussion

Actual exam question for Isaca's NIST-COBIT-2019 exam
Question #: 9
Topic #: 3
[All NIST-COBIT-2019 Questions]

Which of the following is MOST likely to cause an organization's NIST Cybersecurity Framework (CSF) implementation to fail?

Show Suggested Answer Hide Answer
Suggested Answer: B

One of the most likely causes of an organization's NIST CSF implementation failure is that the potential benefits of proposed improvements are not considered, which means that the organization does not conduct a cost-benefit analysis of the solutions to address the gaps between the current and target profiles. This can result in a lack of justification, prioritization, and alignment of the implementation plan with the organization's mission drivers, risk appetite, and resource constraints12.

Reference 7 Steps to Implement & Improve Cybersecurity with NIST 3 Security Issues Overlooked By the NIST Framework


by Sharmaine at Jan 28, 2025, 01:54 AM

Limited Time Offer

25%

Off

Get Premium NIST-COBIT-2019 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Janet
4 months ago
I dunno, I just hope the NIST folks don't try to make us wear funny hats or something during the implementation. That would be a real dealbreaker.
upvoted 0 times
Mammie
3 months ago
B) Potential benefits of proposed improvements are not considered.
upvoted 0 times
...
Burma
4 months ago
A) Organizational training on the CSF is not provided.
upvoted 0 times
...
...
Stephaine
5 months ago
Hah, I bet the real reason it fails is because the IT guy got distracted by the latest video game release. Gotta keep those priorities straight!
upvoted 0 times
Leota
4 months ago
Hah, I bet the real reason it fails is because the IT guy got distracted by the latest video game release. Gotta keep those priorities straight!
upvoted 0 times
...
Jose
4 months ago
C) The implementation timeline is too long.
upvoted 0 times
...
Mozell
4 months ago
B) Potential benefits of proposed improvements are not considered.
upvoted 0 times
...
Wendell
4 months ago
A) Organizational training on the CSF is not provided.
upvoted 0 times
...
...
Leeann
5 months ago
Not considering the potential benefits? That's just bad business sense. How are we supposed to get buy-in without that?
upvoted 0 times
Elmira
3 months ago
We need to make sure everyone sees the value in implementing the CSF.
upvoted 0 times
...
Sonia
3 months ago
I agree, not considering the potential benefits is a big mistake.
upvoted 0 times
...
Kenneth
3 months ago
C) The implementation timeline is too long.
upvoted 0 times
...
Rozella
4 months ago
B) Potential benefits of proposed improvements are not considered.
upvoted 0 times
...
Michal
4 months ago
A) Organizational training on the CSF is not provided.
upvoted 0 times
...
...
Gussie
5 months ago
I believe the implementation timeline being too long could also lead to failure. It may result in delays and loss of momentum.
upvoted 0 times
...
Juliana
5 months ago
I agree with Shanda. Without proper training, employees may not understand how to effectively implement the framework.
upvoted 0 times
...
Shanda
5 months ago
I think not providing organizational training on the CSF could cause the implementation to fail.
upvoted 0 times
...
Ressie
5 months ago
The timeline being too long is a recipe for failure. Cybersecurity moves fast, and we need to keep up the momentum.
upvoted 0 times
...
Shoshana
5 months ago
I think the lack of organizational training on the CSF is the biggest issue. How can we expect people to implement something they don't understand?
upvoted 0 times
Samuel
5 months ago
B) Potential benefits of proposed improvements are not considered.
upvoted 0 times
...
Rasheeda
5 months ago
I agree, without proper training, it's hard for people to know how to implement the CSF.
upvoted 0 times
...
Hillary
5 months ago
A) Organizational training on the CSF is not provided.
upvoted 0 times
...
...

Save Cancel