Exam NIST-COBIT-2019 Topic 1 Question 5 Discussion

Actual exam question for ISACA's NIST-COBIT-2019 exam
Question #: 5
Topic #: 1
How should gaps identified between the current and target profiles be addressed?

Suggested Answer: C Vote an answer

According to the NIST Cybersecurity Framework, gaps identified between the current and target profiles should be addressed through a risk-based approach, which enables an organization to gauge the resources needed and prioritize the mitigation of gaps in a cost-effective manner. This approach also aligns the cybersecurity program with the business objectives and risk appetite of the organization12.
ReferencesExamples of Framework Profiles | NISTWhat is the NIST Cybersecurity Framework? | IBM

by Hazel at Jul 15, 2026, 06:00 AM

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Nick name: Submit Cancel
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

0
0
0
10