A security administrator is tasked with ensuring the organization's security policies and procedures remain effective. Which of the following represents the BEST approach for reviewing these documents?
At the beginning of each fiscal year when new budgets are allocated
Whenever a new technology system is introduced into the environment
Only when a major security incident or data breach occurs
On a periodic schedule and in response to significant organizational or environmental changes
Security policies and procedures should be treated as living documents. The best practice is to review them on a regular, scheduled basis (e.g., annually) and also whenever significant changes occur. Significant changes can include new regulatory requirements, major shifts in technology (like adopting a new cloud platform), emerging threats, or lessons learned from security incidents. Reviewing them only after a major incident is a reactive approach that fails to proactively address risks. While events like the introduction of a new technology or fiscal year planning might trigger reviews, a comprehensive approach involves both periodic reviews and event-driven updates.