C. Identify information security controls in the requirements analysis.
The best way to ensure that information security risk factors are mitigated when developing in-house applications is to identify information security controls during the requirements analysis phase. This means integrating security considerations into the early stages of the application development process. By doing so, you can define security requirements, identify potential risks, and specify controls that need to be implemented to mitigate those risks.
Without a doubt:
Tasks that determine the needs or conditions to meet a new or altered solution, accounting for multiple perspectives, e.g., balancing stakeholder needs and constraints, allocation of requirements to components, breaking down complex requirements to lower level requirements (CMMI).
A: is my choice. Include information security control specifications in the business case. Specifications are used in the development of applications.
C: Identify information security controls in the requirements analysis is identifying something in the requirements analysis. Requirements have to finalized and approved to become specifications.
Requirements analysis would be before the business case, C for me
upvoted 2 times
...
...
This section is not available anymore. Please use the main Exam Page.CRISC Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
Staanlee
9 months agoCbtL
1 year, 1 month agojohn_boogieman
1 year, 3 months agoCeecil1959
2 years, 1 month agoZiggybooboo
1 year, 4 months ago