Question

In: Computer Science

The use of a business case to obtain funding for an information security investment is MOST...

The use of a business case to obtain funding for an information security investment is MOST effective when the business case:

A. relates information security policies and standards into business requirements
B. relates the investment to the organization's strategic plan.
C. realigns information security objectives to organizational strategy.
D. articulates management's intent and information security directives in clear language.

Correct Answer: B????? or C????? or others (of course...)

______________________

Note

■ Some good websites claim that the correct answer is B ("relates the investment to the organization's strategic plan").

■ Others good websites claim that the correct answer is C ("realigns information security objectives to organizational strategy").

■ Why B and not C? Why C and not B?

Many thanks!

Solutions

Expert Solution

The use of a business case to obtain funding for an information security investment is MOST effective when the business case:
Answer: B. relates the investment to the organization's strategic plan.

The question is asking about obtaining funds for an information security investment, it needs the business case to be "attractive enough" to secure funding and it requires the investment to adhere to the organisation's strategic plan, hence opetion B is correct. Option A and D are wrong, as they just talk about articulating management's intent and information security directives in clear language or relating information security policies and standards into business requirements.

According to ISACA/CISM's principles the information security shouldn't be compromised and hence Option C is incorrect as the organisation might not be following the appropriate information security principles and it shouldn't be compromised/realigned.

If you need any further help please comment, I will be happy to help, thanks.


Related Solutions

CASE 5.2 Business Case business case: Lax Security at Linkein Exposed. 7-Discuss why information security is...
CASE 5.2 Business Case business case: Lax Security at Linkein Exposed. 7-Discuss why information security is a concern of senior managers. 8-Explain why someone who used the same password for several sites would need to change all those passwords. In your opinion, was LinkedIn negligent in protecting its main asset? Explain
If the purpose of business and strategic plans are to obtain funding, would you be impressed...
If the purpose of business and strategic plans are to obtain funding, would you be impressed enough to fund projects proposed on the strength of them alone? If not, what else is needed to get you to "cross the line?" Please provide a response in 300 words.
Crowd Funding What does one do to obtain funding for a new invention, movie, or company?...
Crowd Funding What does one do to obtain funding for a new invention, movie, or company? Do you go to the bank? Do you go to venture capitalists? Do you go to angel investors? Crowd Funding is an alternative to these traditional sources of funding. Kickstarter.com is one of the largest of these crowdfunding websites. Here a person posts about the project with a description, maybe a video, and the funding needed. Backers then pledge money to the project. If...
information systems. in modern organisations, most business information systems (Bis) make extensive use of information technology...
information systems. in modern organisations, most business information systems (Bis) make extensive use of information technology such as personal computers. discuss the advantages and disadvantages of this computer-based information system.
Define and explain Direct and Indirect Investment. What investment vehicles do firms use to obtain the...
Define and explain Direct and Indirect Investment. What investment vehicles do firms use to obtain the financing for investment?
the best document to use to obtain information in order to make a decision on a...
the best document to use to obtain information in order to make a decision on a system. As a systems analyst, explain to management the two types of documents available and what they are used for
A chief information security officer is creating a security committee involving multiple business units of a...
A chief information security officer is creating a security committee involving multiple business units of a corporation. Which of the following is the best justification to ensure collaboration across business units? A risk to business unit is a risk avoided by all business units, and liberal BYOD policies create new unexpected avenues for attackers to exploit Enterprises single point of coordination is required to ensure cyber-security issues are addressed in protected, compartmentalize groups without business unit collaboration, introduced by one...
Leases are one of the most common means by which companies obtain the use of long...
Leases are one of the most common means by which companies obtain the use of long term operating assets. Lets look at the airline industry and the effect of leasing. What you believe are the benefits if any as airlines decide to lease versus buying assets? Why or why not?
Leases are one of the most common means by which companies obtain the use of long...
Leases are one of the most common means by which companies obtain the use of long term operating assets. Lets look at the airline industry and the effect of leasing. What you believe are the benefits if any as airlines decide to lease versus buying assets? Why or why not?
This case is based entirely on hypothetical information –please use only the information in the case...
This case is based entirely on hypothetical information –please use only the information in the case and do not use any information about the products/brands through other sources. Ensure that you study Chapter 2 of the textbook for the BCG Growth Share Matrix and Diversification Analysis/Market Product strategies and Matrix. Please do internet based research to understand the concepts of Harvest, Invest, and Divest) The firm Johnson-Evinrude Inc (or JE, to keep it short) has been in existence for more...
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT