Primary missions of a security council

Which is not one of the primary missions of a security council? Which is not a direct advantage of reporting as high in the organization as position? Review and Recommend Security Policies Prioritize Information Security Efforts Mediate between IT management and systems security Recommend Areas Requiring Investment Perform more efficient IT and network administration Gain other senior management’s attention to security Limit the distortion or inaccurate translation of messages Maintain visibility of the importance of information security Leading organizations have been doing certain critical functions to meet information security challenges. What is the correct order of these functions? 2 points Which is not the responsibility of the Internal Audit Department? 2 points What is the best way to communicate policies and controls within an organization? Assess Risk and Determine Needs > Monitor and Evaluate > Promote Awareness > Implement Policies and Controls Monitor and Evaluate > Promote Awareness > Implement Policies and Controls > Assess Risk and Determine Needs Assess Risk and Determine Needs > Implement Policies and Controls > Promote Awareness > Monitor and Evaluate Monitor and Evaluate > Implement Policies and Controls > Assess Risk and Determine Needs > Promote Awareness Evaluating the implementation of the organization’s control structure Evaluating the effectiveness of the organization’s control structure Performing penetration tests and vulnerability assessments Reporting audit failures to the board of directors if needed Promoting awareness campaigns Enforcing policies and controls Having a meeting with department leads Performing a risk analysis