Question

In: Computer Science

The use of a business case to obtain funding for an information security investment is MOST...

The use of a business case to obtain funding for an information security investment is MOST effective when the business case:

A. relates information security policies and standards into business requirements
B. relates the investment to the organization's strategic plan.
C. realigns information security objectives to organizational strategy.
D. articulates management's intent and information security directives in clear language.

Correct Answer: B????? or C????? or others (of course...)

______________________

Note

■ Some good websites claim that the correct answer is B ("relates the investment to the organization's strategic plan").

■ Others good websites claim that the correct answer is C ("realigns information security objectives to organizational strategy").

■ Why B and not C? Why C and not B?

Many thanks!

Solutions

Expert Solution

The use of a business case to obtain funding for an information security investment is MOST effective when the business case:
Answer: B. relates the investment to the organization's strategic plan.

The question is asking about obtaining funds for an information security investment, it needs the business case to be "attractive enough" to secure funding and it requires the investment to adhere to the organisation's strategic plan, hence opetion B is correct. Option A and D are wrong, as they just talk about articulating management's intent and information security directives in clear language or relating information security policies and standards into business requirements.

According to ISACA/CISM's principles the information security shouldn't be compromised and hence Option C is incorrect as the organisation might not be following the appropriate information security principles and it shouldn't be compromised/realigned.

If you need any further help please comment, I will be happy to help, thanks.


Related Solutions

CASE 5.2 Business Case business case: Lax Security at Linkein Exposed. 7-Discuss why information security is...
CASE 5.2 Business Case business case: Lax Security at Linkein Exposed. 7-Discuss why information security is a concern of senior managers. 8-Explain why someone who used the same password for several sites would need to change all those passwords. In your opinion, was LinkedIn negligent in protecting its main asset? Explain
Crowd Funding What does one do to obtain funding for a new invention, movie, or company?...
Crowd Funding What does one do to obtain funding for a new invention, movie, or company? Do you go to the bank? Do you go to venture capitalists? Do you go to angel investors? Crowd Funding is an alternative to these traditional sources of funding. Kickstarter.com is one of the largest of these crowdfunding websites. Here a person posts about the project with a description, maybe a video, and the funding needed. Backers then pledge money to the project. If...
information systems. in modern organisations, most business information systems (Bis) make extensive use of information technology...
information systems. in modern organisations, most business information systems (Bis) make extensive use of information technology such as personal computers. discuss the advantages and disadvantages of this computer-based information system.
Define and explain Direct and Indirect Investment. What investment vehicles do firms use to obtain the...
Define and explain Direct and Indirect Investment. What investment vehicles do firms use to obtain the financing for investment?
A chief information security officer is creating a security committee involving multiple business units of a...
A chief information security officer is creating a security committee involving multiple business units of a corporation. Which of the following is the best justification to ensure collaboration across business units? A risk to business unit is a risk avoided by all business units, and liberal BYOD policies create new unexpected avenues for attackers to exploit Enterprises single point of coordination is required to ensure cyber-security issues are addressed in protected, compartmentalize groups without business unit collaboration, introduced by one...
Leases are one of the most common means by which companies obtain the use of long...
Leases are one of the most common means by which companies obtain the use of long term operating assets. Lets look at the airline industry and the effect of leasing. What you believe are the benefits if any as airlines decide to lease versus buying assets? Why or why not?
Leases are one of the most common means by which companies obtain the use of long...
Leases are one of the most common means by which companies obtain the use of long term operating assets. Lets look at the airline industry and the effect of leasing. What you believe are the benefits if any as airlines decide to lease versus buying assets? Why or why not?
. Desert iguanas are thought to use their tongues to obtain information about their environment by...
. Desert iguanas are thought to use their tongues to obtain information about their environment by sampling odours that may be important for their survival and reproductive success. Pedersen (1988) studied the rates of tongue extrusions in desert iguanas who were exposed to sands collected from a = 5 different environments. These environments consisted of a1 = clean sand, a2 = sand from an iguana’s home cage, a3 = sand from cages housing other iguanas, a4 = sand from cages...
In order to maintain a business/company's sustainability, it has to obtain and analyse information on sustainability...
In order to maintain a business/company's sustainability, it has to obtain and analyse information on sustainability policies, strategies and impacts on industry from a range of sources, the sources can be either from internal and external sources. Internal information sources can including:- * organisational vision and mission, * role and task instructions, organisational policies and procedures, * code of ethics, * code of practice, * Standard Operating Procedures(SOPs), * health and safety practices and safety procedures, * technical instructions *...
8. Desert iguanas are thought to use their tongues to obtain information about their environment by...
8. Desert iguanas are thought to use their tongues to obtain information about their environment by sampling odours that may be important for their survival and reproductive success. Pedersen (1988) studied the rates of tongue extrusions in desert iguanas who were exposed to sands collected from a = 5 different environments. These environments consisted of a1 = clean sand, a2 = sand from an iguana’s home cage, a3 = sand from cages housing other iguanas, a4 = sand from cages...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT