As a new CISO at a large healthcare company you are told that everyone has to badge in to get in the building.
Below your office window you notice a door that is normally propped open during the day for groups of people to take breaks outside. Upon looking closer, you see there is no badge reader.
What should you do?

Which International Organization for Standardization (ISO) below BEST describes the performance of risk management, and includes a five-stage risk management methodology.

The process to evaluate the technical and non-technical security controls of an IT system to validate that a given design and implementation meet a specific set of security requirements is called____________________.

An organization licenses and uses personal information for business operations, and a server containing that information has been compromised. What kind of law would require notifying the owner or licensee of this incident?

A new CISO just started with a company and on the CISO's desk is the last complete Information Security Management audit report. The audit report is over two years old. After reading it, what should be the CISO's FIRST priority?