A security administrator is tasked with ensuring the organization's security policies and procedures remain effective. Which of the following represents the BEST approach for reviewing these documents?
Only when a major security incident or data breach occurs
On a periodic schedule and in response to significant organizational or environmental changes
Whenever a new technology system is introduced into the environment
At the beginning of each fiscal year when new budgets are allocated
Security policies and procedures should be treated as living documents. The best practice is to review them on a regular, scheduled basis (e.g., annually) and also whenever significant changes occur. Significant changes can include new regulatory requirements, major shifts in technology (like adopting a new cloud platform), emerging threats, or lessons learned from security incidents. Reviewing them only after a major incident is a reactive approach that fails to proactively address risks. While events like the introduction of a new technology or fiscal year planning might trigger reviews, a comprehensive approach involves both periodic reviews and event-driven updates.