A mandatory requirement, code of practice or specification approved by a recognized external standards organization.

Multiple Choice

A mandatory requirement, code of practice or specification approved by a recognized external standards organization.

Standards are formal, mandatory requirements or specifications that are approved by a recognized external standards organization. They provide a baseline that organizations implement to ensure consistency, security, and interoperability across systems and processes. A policy, by contrast, is an internal directive expressing management intent and high-level requirements; it isn’t necessarily created or approved by an external body. A procedure translates those policies into concrete steps to be followed, focusing on how to implement the policy. A threat is a potential harmful event considered in risk assessment, not a normative document.

The description matches a standard because it emphasizes a mandatory requirement or specification that has external approval. Examples like ISO/IEC 27001 or PCI DSS illustrate standards used to meet recognized external expectations.
