For security controls, gap analysis involves comparing the present state of controls with a desired state of controls At a minimum, common baseline security controls should be in place Any gaps in various types of controls should be clearly documented, for example, Information security responsibilities , which a Defines the program to provide initial and ongoing security education across the organization b Reduces risk from known vulnerabilities being exploited c Defines how staff will execute upon the policies, assign responsibilities, and promote accountability d Ensures security related events are communicated and acted upon to allow corrective action to be taken by security staff

Question

For security controls, gap analysis involves comparing the present state of controls with a desired state of controls  At a minimum, common baseline security controls should be in place  Any gaps in various types of controls should be clearly documented, for example,  Information security responsibilities , which  a  Defines the program to provide initial and ongoing security education across the organization  b  Reduces risk from known vulnerabilities being exploited  c  Defines how staff will execute upon the policies, assign responsibilities, and promote accountability  d  Ensures security related events are communicated and acted upon to allow corrective action to be taken by security staff

SolutionInn · Accepted Answer

The Answer is in the image, click to view ...

Question: For security controls, gap analysis involves comparing the present state of controls with a desired state of controls. At a minimum, common baseline security controls

Step by Step Solution