Your company is growing sharply. Buying out a prominent partner is an initiative of its growth strategy. As a CISO, which of the following should be conducted before the acquisition?
A. Security audits
B. Risk treatment
C. Due care to avoid negligence
D. Preemptive or proactive investigations
Your company is a direct bank that relies entirely on internet banking; its shares are publicly traded. You are exercising due diligence by surveying the laws and regulations applicable to your company. Which of the following has a profound effect on corporate governance and holds directors and officers personally liable for the accuracy of financial statements?
A. GDPR
You are sitting for the CISSP exam. An agreement is displayed on the screen requiring that you, as an exam taker, cannot share any content of the exam with others. After reviewing it, you click “I agree” and proceed to start the exam. Which of the following best describes your behavior?
A. Accountability
B. Digital signature
C. Due care
D. Due diligence
You are the CISO of a global company and are participating in an executive meeting with an agenda to acquire a company as part of the corporate growth strategy. The CEO is concerned about due diligence compliance in this acquisition. As a CISO, which of the following is the best way for you to contribute to this project?
A. Review the acquisition contract and identify potential contractual risks
B. Build a tiger team to conduct security testing to identify potential vulnerabilities and threats.
C. Train and educate the security staff of the acquired company about corporate security policies.
D. Conduct a comprehensive security assessment and identify the gap between corporate security policies.