Certified Chief Information Security Officer (CCISO) — Question 125

What are the three hierarchically related aspects of strategic planning and in which order should they be done?

Answer options

• A. 1) Information technology strategic planning, 2) Enterprise strategic planning, 3) Cybersecurity or information security strategic planning
• B. 1) Cybersecurity or information security strategic planning, 2) Enterprise strategic planning, 3) Information technology strategic planning
• C. 1) Enterprise strategic planning, 2) Information technology strategic planning, 3) Cybersecurity or information security strategic planning
• D. 1) Enterprise strategic planning, 2) Cybersecurity or information security strategic planning, 3) Information technology strategic planning

Correct answer: C

Explanation

The correct sequence starts with Enterprise strategic planning as it sets the overall direction of the organization. Next, Information technology strategic planning aligns IT initiatives with business goals, and finally, Cybersecurity or information security strategic planning ensures that security measures support the established strategies. The other options misplace the order, which can lead to ineffective strategic alignment.