Question
A security plan must specify who (what organization) is responsible for implementing and managing the controls that will meet the requirements laid out in the
A security plan must specify who (what organization) is responsible for implementing and managing the controls that will meet the requirements laid out in the security plan. This also means specifying who (what organization) is responsible should security fail. Because all employees have a role to play in making security successful (regularly changing passwords, applying security patches, etc), some companies want to say "Everyone is responsible for security", and not assign overall responsibility to a particular organization. Why is this a bad idea?
Step by Step Solution
There are 3 Steps involved in it
Step: 1
Get Instant Access to Expert-Tailored Solutions
See step-by-step solutions with expert insights and AI powered tools for academic success
Step: 2
Step: 3
Ace Your Homework with AI
Get the answers you need in no time with our AI-driven, step-by-step assistance
Get Started