An information security manager learns of a new standard related to an emerging technology the organization wants to implement. Which of the following should the information security manager recommend be done FIRST?
An information security manager learns of a new standard related to an emerging technology the organization wants to implement. Which of the following should the information security manager recommend be done FIRST?
When dealing with the implementation of a new technology, it is critical to first perform a risk assessment. This helps identify potential risks and vulnerabilities associated with the new technology, and understand how it might impact the organization's security posture. By conducting a risk assessment first, the organization can make an informed decision on whether to proceed with implementing the technology, and develop appropriate controls and mitigation strategies.
As Organization want's to implement the new technology, B, C, D may not be correct option. A would be correct.
C. Determine whether the organization can benefit from adopting the new standard.
C. Determine whether the organization can benefit from adopting the new standard. The question is focused on adopting the new standard. A. is not the correct answer. C is.
How do you cetermine that the organisation can benefit from adopting the new standard = by performing risk assessments.
I believe that to understand the value first and then assess the risk once decide to adopt it.