A security administrator is tasked with ensuring the organization's security policies and procedures remain effective. Which of the following represents the BEST approach for reviewing these documents?
On a periodic schedule and in response to significant organizational or environmental changes
At the beginning of each fiscal year when new budgets are allocated
Whenever a new technology system is introduced into the environment
Only when a major security incident or data breach occurs
Security policies and procedures should be treated as living documents. The best practice is to review them on a regular, scheduled basis (e.g., annually) and also whenever significant changes occur. Significant changes can include new regulatory requirements, major shifts in technology (like adopting a new cloud platform), emerging threats, or lessons learned from security incidents. Reviewing them only after a major incident is a reactive approach that fails to proactively address risks. While events like the introduction of a new technology or fiscal year planning might trigger reviews, a comprehensive approach involves both periodic reviews and event-driven updates.