CREST Practitioner Security Analyst (CPSA) Practice

Master the CREST Practitioner Security Analyst Exam. Prepare with quizzes and comprehensive study guides that include tips and explanations. Excel in your certification journey!

Each practice test/flash card set has 50 randomly selected questions from a bank of over 500. You'll get a new set of questions each time!


Which of the following is a framework for governing and managing enterprise IT?

  1. COBIT

  2. FISMA

  3. ISO 27000 Series

  4. GLBA

The correct answer is: COBIT

The framework for governing and managing enterprise IT is COBIT (Control Objectives for Information and Related Technologies). COBIT provides a comprehensive framework that helps organizations effectively manage and govern their IT environments. It offers guidance on risk management, resource optimization, and aligning IT with business goals, ensuring that IT investments deliver value while managing risks effectively.

COBIT is specifically designed to address governance issues in information technology, focusing on both the overarching governance framework and compliance aspects necessary for successful IT management. It provides structured best practices, performance measurement, and management oversight to help organizations align IT objectives with business needs.

In contrast, FISMA (Federal Information Security Management Act) primarily governs the security of information systems within the federal government but does not provide a framework for overall IT governance. The ISO 27000 Series focuses more on information security management systems, which, while important, is more niche compared to the holistic governance approach of COBIT. Similarly, the Gramm-Leach-Bliley Act (GLBA) deals with financial institutions and their obligation to protect consumers' private information, lacking the broader enterprise IT governance perspective that COBIT offers.