Cybersecurity Fundamentals Specialist Exam - Question 76


Which is a common pitfall when initiating a CSMS program?

Correct Answer: B

A common pitfall when initiating a Cyber Security Management System (CSMS) program is failing to relate the program to the mission of the organization. If the cyber security efforts are not aligned with the organization's goals and mission, it may lead to the program being misunderstood, misfunded, or misprioritized, ultimately rendering it ineffective. Ensuring that the CSMS program ties back to the core mission and objectives helps in securing buy-in from stakeholders and providing clear direction and purpose to the cyber security initiatives.

Discussion

ChrisW9200 (Option: B)
Nov 7, 2023

62443-2-1_B.3 - "A common pitfall is to attempt to initiate a CSMS program without at least a high-level rationale that relates cyber security to the specific organization and its mission." D is a pitfall when performing assessments.

ChrisW9200 (Option: B)
Nov 29, 2023

See my previous answer.

CapibaraChris (Option: B)
Apr 25, 2024

Correct answer is B. Answer D, "Immediate jump into detailed risk assessment", is a pitfall of "High-Level risk assessment".

imperatork (Option: D)
Oct 9, 2023

According to the ISA material, when initiating the CSMS program with initial/high-level risk assessment, the common pitfall is to immediately jump into detailed risk assessment.

Beavis_123
Jan 29, 2024

This is a pitfall during the High Level Risk Assessment. Answer is B.

Saravanadhruv
Jan 17, 2024

What's the correct answer? B or D?

ac873d6 (Option: D)
Mar 22, 2024

We must select methodologies for identifying and prioritizing these risks and then execute those methodologies. We must identify them upfront and provide the structure for the rest of the risk assessment. We want to involve the stakeholders identified during the initiate step. The common pitfall here is to immediately jump into a detailed risk assessment. It's easy to do, especially with technical stakeholders. We have this shiny object syndrome that we tend to do, "Ooh, look at that. I'm going to go chase that for now. Ooh, look, I want to chase that for now." Avoid that shiny object syndrome, especially when you're doing the risk assessments. You get to see some cool things but you've got to stay focused and stay on track. IC32M page 190