Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

ISC2 CISSP Exam - Topic 1 Question 96 Discussion

Actual exam question for ISC2's CISSP exam
Question #: 96
Topic #: 1
[All CISSP Questions]

Who has the PRIMARY responsibility to ensure that security objectives are aligned with organization goals?

Show Suggested Answer Hide Answer
Suggested Answer: B

Information assets are any data or information that have value for the organization, such as financial records, customer data, intellectual property, or trade secrets. Information assets are essential for the organization to achieve its objectives and to maintain its competitive advantage. Information assets should be identified, classified, and protected according to their value, sensitivity, and criticality. International Organization for Standardization (ISO) 27001 compliance does not specify which information assets must be included in asset inventory, but rather provides a framework and a set of requirements for establishing, implementing, maintaining, and improving an information security management system (ISMS). Building an information assets register is not necessarily a resource-intensive job, but rather a necessary and beneficial one, as it helps to document and manage the information assets of the organization, and to support the risk assessment and security planning processes. Information assets inventory is required for risk assessment, as it helps to determine the scope, impact, and likelihood of the risks that may affect the information assets, and to prioritize and implement the appropriate controls and measures to mitigate the risks.


by Myra at Jan 09, 2025, 02:55 AM

Limited Time Offer

25%

Off

Get Premium CISSP Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Susy
4 months ago
Audit committee should be involved too, right?
upvoted 0 times
...
Lorrie
5 months ago
Wait, is it really just senior management? Seems too simple.
upvoted 0 times
...
Nohemi
5 months ago
All users have a part to play, but management leads.
upvoted 0 times
...
Aliza
5 months ago
I think it's more on the info security department.
upvoted 0 times
...
Kaycee
5 months ago
Definitely senior management! They set the tone.
upvoted 0 times
...
Abel
5 months ago
I’m torn between senior management and the information security department. I recall discussions about how both need to work together to align goals.
upvoted 0 times
...
Adria
6 months ago
The audit committee might have some oversight, but I don't think they are the primary ones responsible. It feels more like a supportive role.
upvoted 0 times
...
Alona
6 months ago
I remember a practice question where it emphasized the role of the information security department, but I feel like they support rather than lead.
upvoted 0 times
...
Narcisa
6 months ago
I think senior management has the primary responsibility, but I'm not completely sure. It seems like they set the overall direction.
upvoted 0 times
...
Daron
6 months ago
I'm a little confused by this question. Is the audit committee really responsible for ensuring security objectives are aligned? That doesn't seem quite right to me. I'll have to think about this one some more.
upvoted 0 times
...
Evangelina
6 months ago
Okay, I've got this. The primary responsibility has to be with senior management, since they are responsible for aligning the organization's overall goals and objectives. The security team implements the controls, but the executives set the priorities.
upvoted 0 times
...
Rodolfo
6 months ago
Hmm, I'm a bit unsure about this one. I know senior management has a big role in setting strategic direction, but the information security department is also crucial for implementing security controls. Let me think this through.
upvoted 0 times
...
Lezlie
6 months ago
This seems like a straightforward question about organizational responsibility for security objectives. I'll carefully review the options and think about where the primary responsibility lies.
upvoted 0 times
...
Sharmaine
12 months ago
This is a no-brainer - senior management is definitely responsible. Although, I bet some of the users would think the correct answer is 'all the donuts in the break room'.
upvoted 0 times
Melina
11 months ago
Exactly, senior management plays a crucial role in ensuring security objectives are aligned with organization goals.
upvoted 0 times
...
Shannan
11 months ago
Some users might think it's all about the donuts, but in reality, it's senior management's job.
upvoted 0 times
...
Glendora
11 months ago
I agree, senior management should definitely take the lead on this.
upvoted 0 times
...
Mariann
11 months ago
Senior management is the one responsible for aligning security objectives with organization goals.
upvoted 0 times
...
...
Stevie
12 months ago
All users? Ha! Good luck getting them to take security seriously. Senior management has to lead the way on this one.
upvoted 0 times
...
Dyan
12 months ago
The audit committee? Really? They're more concerned with financial compliance than actual security implementation.
upvoted 0 times
Kimi
11 months ago
B) Information security department
upvoted 0 times
...
Fatima
11 months ago
A) Senior management
upvoted 0 times
...
...
Gilma
12 months ago
I think the information security department should be responsible for aligning security objectives. They're the experts, after all.
upvoted 0 times
...
Ligia
12 months ago
Senior management, of course! They're the ones who set the strategic direction for the organization.
upvoted 0 times
...
Herminia
1 year ago
But shouldn't all users also be responsible for ensuring security objectives are aligned with organization goals?
upvoted 0 times
...
Justine
1 year ago
I agree with Nelida, senior management sets the overall direction for the organization.
upvoted 0 times
...
Nelida
1 year ago
I think senior management has the primary responsibility.
upvoted 0 times
...

Save Cancel