InfoSec IQ

What is your InfoSec IQ?

Email*

1.Your organisation asks you to build an information security risk framework from scratch. What's your starting point?

A) I'd look for a template online and adapt it

B) I'd base it on ISO 27001 or NIST CSF as a reference

C) I'd map it to our business objectives first, then select a framework that fits

D) I'd conduct a threat landscape analysis and design a framework tailored to our risk appetite and industry context

Practical InfoSec lessons from a working security manager.