问题如下:
Effective IT risk management policy can effectively reduce the company's IT system risk. Which of the following options is not the key element of an effective IT risk management policy?
选项:
A.Assessing IT infrastructure and capacity prior to approving new products.
B.Sufficient funding is provided to develop IT systems.
C.Post-implementation reviews of IT systems should be at least 24 months after it has been conducted.
D.There is a data administrator as well as a data owner, and the data owner must ensure a sufficiently high level of data accuracy, integrity, and availability
解释:
C is correct.
考点:effective IT risk management policy
解析:根据effective IT risk management policy,IT系统的事后检查应该在6-18个月内,24个月太久了,风险较大。
其余选项都是effective IT risk management policy的条款内容,都是正确的。
这一题在哪里啊?讲义上讲了吗?