CompTIA Security+ SY0-701 Practice Question
Your organization operates in multiple states within the U.S. and is planning to update its Information Security Policies. As the Security Manager, what should be your FIRST step to ensure that the updated policies comply with varying state-specific cybersecurity regulations?
Immediately revise the Acceptable Use Policy (AUP) to reflect generic best practices.
Consult with an external cybersecurity firm for a standard policy template.
Conduct a gap analysis between current information security practices and updated security policy drafts.
Review current local and regional cybersecurity laws applicable to the states where the organization operates.