ISC2 Governance, Risk and Compliance (CGRC) Practice Question
During development of the System Security Plan for a new cloud-based payroll platform, the ISSO must document the system's authorization boundary. Which information is most critical to include so the boundary is clearly defined?
The confidentiality, integrity, and availability categorization of payroll records.
A comprehensive list of all hardware, software, and services that handle payroll data, including any externally hosted components and interfaces.
The planned schedule for internal and external security audits of the payroll platform.
The organization's incident response procedures and escalation contacts.
The authorization boundary distinguishes what components are subject to assessment and control selection. NIST guidance states that every device, application, and service that processes, stores, or transmits system information-whether on-premises or in external environments-must be identified and included in the boundary description. While data sensitivity, response procedures, and audit schedules are important elements of a security plan, they do not by themselves establish where the system begins and ends. Only a complete inventory of all in-scope components and their interconnections definitively describes the authorization boundary.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is an authorization boundary in the context of system security?
Open an interactive chat with Bash
Why is it important to include external components in the authorization boundary?
Open an interactive chat with Bash
How does the authorization boundary affect security control selection?
Open an interactive chat with Bash
ISC2 Governance, Risk and Compliance (CGRC)
Scope of the System
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .