ISA/IEC 62443 Cybersecurity Fundamentals Specialist — Question 15
Which of the following refers to internal rules that govern how an organization protects critical system resources?
Answer options
- A. Formal guidance
- B. Legislation
- C. Security policy
- D. Code of conduct
Correct answer: C
Explanation
The correct answer is C, Security policy, as it specifically outlines the rules and procedures for protecting an organization's critical resources. Options A and D are more general guidelines and behavioral expectations, while B, Legislation, pertains to laws enacted by governments and does not focus on internal organizational practices.