How should gaps identified between the current and target profiles be addressed?
Which of the following COBIT and NIST implementation steps may be reversed depending on the culture of the organization?
Which of the following is a KEY activity of COBIT Implementation Phase 2: Where Are We Now?
During CSF implementation, when is an information security manager MOST likely to identify key enterprise and supporting alignment goals as
previously understood?
Which function of the CSF is addressed by incorporating governance, risk, and compliance (GRC) elements into the implementation plan?
Answer : C
Which of the following should be a PRIMARY consideration when creating an action plan to address gaps identified in CSF Step 6: Determine, Analyze,
and Prioritize Gaps?
Answer : A
Which of the following is an objective of Implementation Phase 3 - Where Do We Want to Be?