High-Level Statements, Beliefs, Goals and Objectives
Question
What can best be defined as high-level statements, beliefs, goals and objectives?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.B.
Policies are high-level statements, beliefs, goals and objectives and the general means for their attainment for a specific subject area.
Standards are mandatory activities, action, rules or regulations designed to provide policies with the support structure and specific direction they require to be effective.
Guidelines are more general statements of how to achieve the policies objectives by providing a framework within which to implement procedures.
Procedures spell out the specific steps of how the policy and supporting standards and how guidelines will be implemented.
Source: HARE, Chris, Security management Practices CISSP Open Study Guide, version 1.0, april 1999.
The best answer to this question is B. Policies.
Policies can be defined as high-level statements, beliefs, goals, and objectives that guide and direct decision-making processes within an organization. They are designed to provide a framework for decision-making, communication, and behavior within an organization.
Policies are typically developed by senior management and reflect the organization's overall strategy and goals. They are used to establish the organization's expectations for employee behavior and provide guidance for specific actions.
Examples of policies that might be developed by a security administrator could include an information security policy that outlines how information should be protected within an organization, or an access control policy that establishes the procedures for granting and revoking access to sensitive data.
In contrast, standards are more specific and provide detailed requirements for specific technologies, products, or processes. Guidelines are recommendations for best practices that are less prescriptive than policies and are often used to supplement policies. Procedures, on the other hand, are detailed step-by-step instructions for carrying out specific tasks.
Overall, policies are important because they provide a foundation for decision-making and action within an organization. They help to ensure consistency, accountability, and compliance with legal and regulatory requirements.
