When developing an information security program, what is the MOST useful source of information for determining available resources?
Click on the arrows to vote for the correct answer
A. B. C. D.D.
A skills inventory would help identify- the available resources, any gaps and the training requirements for developing resources.
Proficiency testing is useful but only with regard to specific technical skills.
Job descriptions would not be as useful since they may be out of date or not sufficiently detailed.
An organization chart would not provide the details necessary to determine the resources required for this activity.
When developing an information security program, determining available resources is a critical aspect to ensure that the program is effective and efficient. The available resources could include personnel, equipment, funding, and technology. Therefore, identifying the most useful source of information for determining available resources is vital.
Option A, a proficiency test, may assess an individual's knowledge, skills, and abilities but may not provide comprehensive information about the available resources. It may not provide any insight into the resources that are available to develop the information security program.
Option B, job descriptions, could be useful in identifying specific roles and responsibilities in the organization, which could be helpful in determining the personnel resources available for the program. However, job descriptions may not provide information on the technology, equipment, and funding resources available for the program.
Option C, an organization chart, could provide information on the reporting structure and the hierarchy of the organization. This information could be useful in identifying the key personnel who will be involved in the program. However, the organization chart may not provide information on the technology, equipment, and funding resources available for the program.
Option D, a skills inventory, could be the most useful source of information for determining available resources. A skills inventory would provide information on the knowledge, skills, and abilities of the personnel available to develop and implement the information security program. It could also provide information on the technology, equipment, and funding resources available for the program. A skills inventory could identify the resources required for the program and the resources currently available in the organization, allowing for effective resource allocation.
In conclusion, the most useful source of information for determining available resources when developing an information security program is a skills inventory.