Investment in security technology and processes should be based on:
Click on the arrows to vote for the correct answer
A. B. C. D.A.
Organization maturity level for the protection of information is a clear alignment with goals and objectives of the organization.
Experience in previous projects is dependent upon other business models which may not be applicable to the current model.
Best business practices may not be applicable to the organization's business needs.
Safeguards inherent to existing technology are low cost but may not address all business needs and/or goals of the organization.
Investment in security technology and processes should be based on clear alignment with the goals and objectives of the organization. Answer A is the correct answer.
Explanation: A. Clear alignment with the goals and objectives of the organization: Investment in security technology and processes should align with the goals and objectives of the organization. This means that security investments should be directly linked to the organization's overall strategy and objectives. For example, if the organization's objective is to increase customer trust, then investments in security technology and processes should be directed towards achieving this objective. In other words, the security investments should be viewed as enablers to achieve business objectives. This approach will help ensure that security investments are made in a way that maximizes the return on investment for the organization.
B. Success cases that have been experienced in previous projects: While it is always helpful to look at success cases that have been experienced in previous projects, this should not be the only consideration when making security investments. Each organization has its unique security needs and objectives, and what worked in a previous project may not necessarily be the best approach for a new project. Therefore, it is important to consider the unique needs and objectives of the organization when making security investments.
C. Best business practices: Best business practices can be a useful guide when making security investments. However, it is important to remember that each organization has its unique security needs and objectives. Therefore, best business practices should be viewed as a starting point rather than a definitive guide. Organizations should tailor their security investments to their unique needs and objectives.
D. Safeguards that are inherent in existing technology: While safeguards that are inherent in existing technology can be useful, they should not be the sole basis for security investments. Technology is constantly evolving, and new security threats and vulnerabilities emerge all the time. Therefore, it is important to continually assess the organization's security needs and invest in technology and processes that address these needs.