Gain insights into the Isaca Cism Certification exam. Discover why Enterprise Architecture plays a crucial role in determining priorities for a long-term information security roadmap.

Question

Which of the following is MOST helpful for determining priorities when creating a long-term information security roadmap?

A. The organization’s information security framework
B. Information security steering committee input
C. Enterprise architecture (EA)
D. Industry best practices

Answer

C. Enterprise architecture (EA)

Explanation

Enterprise Architecture (EA) is a well-defined practice for conducting enterprise analysis, design, planning, and implementation for the successful development and execution of strategy. EA provides a blueprint for an effective IT strategy and guides the controlled evolution of IT in a way that delivers business benefit in a cost-effective way. It outlines how an enterprise should organize and manage to achieve its objectives. EA is unique to every organization, however, there are some common elements. Since Stephen Spewak’s Enterprise Architecture Planning (EAP) in 1993, and perhaps before then, it has been normal to divide enterprises architecture into four architecture domains.

While the organization’s information security framework, information security steering committee input, and industry best practices are all important components of a long-term information security roadmap, Enterprise Architecture is the most helpful for determining priorities. This is because it provides a holistic view of the organization’s strategy, processes, information, and IT assets, and aligns them with the organization’s business goals.

The post ISACA CISM: Understanding the Role of Enterprise Architecture appeared first on PUPUWEB - Tech Solution and Advice from Pro.