CISSP Practice Question (Domain 1: Security and Risk Management)
Your organization's AI ethics board recommends prohibiting facial recognition in employee monitoring. The COO objects, arguing it's needed for physical security in high-clearance areas. Both sides present valid business justifications. Who should make the FINAL risk acceptance decision?
A. The AI ethics board since they have specialized governance authority
B. The CISO based on security domain expertise and risk ownership
C. The COO as the senior operational business leader with budget authority
D. Senior management or the risk committee based on organizational risk tolerance
Come back for the answer tomorrow, or study more now!
Vincent Primiani
CISSP Study Group
skool.com/cybersecurity-study-group