Exam NIST-COBIT-2019 Topic 1 Question 5 Discussion
Actual exam question for ISACA's NIST-COBIT-2019 exam
Question #: 5
Topic #: 1
Question #: 5
Topic #: 1
How should gaps identified between the current and target profiles be addressed?
Suggested Answer: C Vote an answer
According to the NIST Cybersecurity Framework, gaps identified between the current and target profiles should be addressed through a risk-based approach, which enables an organization to gauge the resources needed and prioritize the mitigation of gaps in a cost-effective manner. This approach also aligns the cybersecurity program with the business objectives and risk appetite of the organization12.
ReferencesExamples of Framework Profiles | NISTWhat is the NIST Cybersecurity Framework? | IBM
ReferencesExamples of Framework Profiles | NISTWhat is the NIST Cybersecurity Framework? | IBM
by Hazel at Jul 15, 2026, 06:00 AM
0
0
0
10
Comments
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Report Comment
Commenting
You can sign-up / login (it's free).