Which of the following is a framework principle established by NIST as an initial framework consideration?
Answer(s): C
One of the framework principles established by NIST is to ensure that the framework is consistent and aligned with existing regulatory and legal requirements that are relevant to cybersecurity12.
1: Cybersecurity Framework | NIST 2: Framework Documents | NIST
Which role will benefit MOST from a better understanding of the current cybersecurity posture by applying the CSF?
Answer(s): A
Executives are the role that will benefit most from a better understanding of the current cybersecurity posture by applying the CSF. This is because executives are responsible for setting the strategic direction, objectives, and priorities for the organization, as well as overseeing the allocation of resources and the management of risks1. By applying the CSF, executives can gain a comprehensive and consistent view of the cybersecurity risks and capabilities of the organization, and align them with the business goals and requirements2. The CSF can also help executives communicate and collaborate with other stakeholders, such as regulators, customers, suppliers, and partners, on cybersecurity issues3.
1: Implementing the NIST Cybersecurity Framework Using COBIT 2019 | ISACA 2:Cybersecurity Framework | NIST 3: Framework Documents | NIST
When coordinating framework implementation, the business/process level collaborates with the implementation/operations level to:
Answer(s): B
According to the TM Forum's Business Process Framework (eTOM), the business/process level is responsible for defining the business strategy, objectives, and requirements, as well as monitoring and controlling the performance and quality of the processes1. The implementation/operations level is responsible for designing, developing, and executing the processes that deliver and support the services1. When coordinating framework implementation, these two levels collaborate to assess changes in current and future risks, such as market trends, customer expectations, regulatory compliance, security threats, and operational issues2. This helps them to align the processes with the business goals and outcomes, and to identify and mitigate any potential gaps or challenges3.
1: Process Framework (eTOM) - TM Forum 2: Implement Dynamics 365 with a process- focused approach 3: Operations Management Implementation - Smarter Solutions, Inc.
Which of the following COBIT 2019 governance principles corresponds to the CSF application stating that CSF profiles support flexibility in content and structure?
This principle corresponds to the CSF application stating that CSF profiles support flexibility in content and structure, because both emphasize the need for tailoring the governance system to the specific context and requirements of the enterprise12. The CSF profiles are based on the enterprise's business drivers, risk appetite, and current and target cybersecurity posture3. The COBIT 2019 design factors are a set of parameters that influence the design and operation of the governance system, such as enterprise strategy, size, culture, and regulatory environment4.
1: COBIT | Control Objectives for Information Technologies | ISACA 2: COBIT 2019 Framework ITSM Docs - ITSM Documents & Templates 3: Framework Documents | NIST 4:Introduction to COBIT Principles - Testprep Training Tutorials
Post your Comments and Discuss ISACA NIST-COBIT-2019 exam prep with other Community members:
Our website is free, but we have to fight against bots and content theft. We're sorry for the inconvenience caused by these security measures. You can access the rest of the NIST-COBIT-2019 content, but please register or login to continue.
We’re offering these study questions to support your success. The least you can do? Drop a useful comment about each question. Help others. Build the community.