To gain a clear understanding of the impact that a new regulatory will have on an organization’s security control, an information manager should FIRST.
A . Conduct a risk assessment
B . Interview senior management
C . Perform a gap analysis
D . Conduct a cost-benefit analysis
Answer: C
Latest CISM Dumps Valid Version with 1327 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund