Exam CISA Topic 2 Question 411 Discussion

Actual exam question for ISACA's CISA exam
Question #: 411
Topic #: 2
Which of the following is the BEST source of information for examining the classification of new data?

Suggested Answer: C Vote an answer

Explanation
The best source of information for examining the classification of new data is the risk assessment results, because they provide an objective and consistent basis for determining the value, sensitivity, and criticality of the data, as well as the potential impact of unauthorized disclosure, modification, or loss of the data12. The risk assessment results can help to define the appropriate classification levels and criteria for the data, such as public, internal, confidential, or restricted12. Input by data custodians, security policy requirements, and current level of protection are not the best sources of information for examining the classification of new data, because they may not reflect the actual risk exposure or business needs of the data. References: 1: CISA Review Manual (Digital Version), Chapter 5, Section 5.4.2 2: CISA Online Review Course, Module 5, Lesson
4

by Erica at Aug 20, 2024, 01:28 AM

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

0
0
0
10