A document that records a high-level principle or course of action that has been decided on.

Prepare for the ISACA IT Risk Fundamentals Test. Find flashcards and multiple choice questions, complete with hints and explanations. Ace your exam with confidence!

Multiple Choice

A document that records a high-level principle or course of action that has been decided on.

Explanation:
A policy is a document that records high-level principles or courses of action that have been decided on. It sets the direction and guardrails for how the organization believes things should be done, providing a formal statement of intent that guides decision-making and behavior across the enterprise. This is why it’s the best fit: a policy captures the overarching stance or philosophy of management, not the exact steps to carry it out or the technical specs used to measure compliance. Procedures describe how to implement the policy with step-by-step instructions. Standards lay out precise criteria or benchmarks to meet. Risk is the potential for loss or harm that the policy aims to mitigate or manage, not a document of decided principles itself.

