Question

In: Computer Science

What is the PRIMARY goal of an Information Security Continuous Monitoring (ISCM) strategy? Create expedited assessment...

What is the PRIMARY goal of an Information Security Continuous Monitoring (ISCM) strategy?

  1. Create expedited assessment process for cost savings.
  2. Maintain visibility of an organization’s high-cost controls.
  3. Support organization risk management decisions.
  4. Assess the organizational tiers.

Solutions

Expert Solution

The primary goal of an ISCM strategy is :

Answer : C. Support organization risk management decisions.


Expert Solution

The PRIMARY goal of an Information Security Continuous Monitoring (ISCM) strategy is:
C. Support organization risk management decisions.

Per the National Institute of Standards and Technology (NIST), ISCM meant for Federal Information Systems and Organizations is defined as, its purpose, vision, and goal are to maintain ongoing information security, vulnerabilities, and threats awareness, supporting organizational risk management decisions.

Federal government use and work based on Risk Management Framework (RMF) which is a unified information security framework. This RMF is developed by NIST, is meant and used as a disciplined and structured process to integrate information security and risk management activities into the system development life cycle. While ISCM plays an important and critical role in this RMF process. Hence, as a basic component or pillar of ISCM strategy is to focus on monitoring and support risk management decisions amongst multiple mission operations areas related, affected, influenced by the cyberspace domain.

ISCM strategy provides an approach to compliance and risk management. The strategy identifies a system (Security) risks in a company or an organization, and laters lets that risk to be changed dynamically depending on the threat need.

It is not option (A) Create expedited assessment process for cost savings- as it has nothing to do with business costs, as the name ISCM suggests, it has to do with security, risks, threats, mitigation, monitoring, protection, and prevention.
It is not option (B) Maintain visibility of an organization’s high-cost controls either, as again, it has nothing to do with organization's business costs, as the name ISCM suggests, it has to do with security, risks, threats, mitigation, monitoring, protection, and prevention.
It is not option (D) Assess the organizational tiers- it has nothing to with the core business or the organization's structure, tiers, or hierarchy, as it is completely into Information Security.


Related Solutions

What is the primary goal of the vulnerability assessment and remediation domain of the maintenance model?
What is the primary goal of the vulnerability assessment and remediation domain of the maintenance model? Is this important to an organization with an Internet presence? Why?
What is the primary goal of capitalism? What is the primary goal of socialism?
What is the primary goal of capitalism? What is the primary goal of socialism? What do you think are the pros and cons of each?
What is the primary goal of capitalism? What is the primary goal of socialism? What do...
What is the primary goal of capitalism? What is the primary goal of socialism? What do you think are the pros and cons of each?
Assess the relationships between continuous monitoring for 1) NIST Systems Security Engineering, SP 800-160, Systems Security...
Assess the relationships between continuous monitoring for 1) NIST Systems Security Engineering, SP 800-160, Systems Security Engineering and 2) IETF SACM. Consider for your Analysis and Conclusions utilizing the NIST enterprise levels: • Level 1: Organization • Level 2: Mission/Business Processes • Level 3: System
What is continuous monitoring. How can this be applied to conserve energy?
What is continuous monitoring. How can this be applied to conserve energy?
What is the primary goal of interest groups?
What is the primary goal of interest groups? 
What is the primary goal of management? What are the primary tasks of a Chief Financial...
What is the primary goal of management? What are the primary tasks of a Chief Financial Officer (CFO) and others in finance function of an organization?
1. What is the primary goal of management? What are the primary tasks of a Chief...
1. What is the primary goal of management? What are the primary tasks of a Chief Financial Officer (CFO) and others in finance function of an organization? 2. Name and explain three tricks that management can play to manage earnings. Explain how using financial ratios can help spot these tricks. 3. Why is it important to analyze profitability, specifically focusing on return on investment? Invoke the breakdown of ROI in thinking about your response.
Implementation, Operations, and Monitoring / Enterprise Security Strategy Plan Instructions: In NO LESS than 400 words,...
Implementation, Operations, and Monitoring / Enterprise Security Strategy Plan Instructions: In NO LESS than 400 words, answer the following question. Regarding the implementation of a security plan, this can be anything from the organizational change management aspects (users) or the technical implementation (information technology staff),Select 2 key areas to either engage in the normal, everyday operations of a security team, or 2 key areas to monitor, and why. Describe and evaluate each key area. 200 words requirement for each.
Should cost minimization or opportunity maximization be the primary goal of a cooperative strategy? Can both...
Should cost minimization or opportunity maximization be the primary goal of a cooperative strategy? Can both be achieved simultaneously? Why or why not? original answer please not copy and paste from a previous answer
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT