A hospital wants to compare its security controls against well-known references in the healthcare industry. Which action helps align the program with recognized baselines and demonstrate progress over time?
Perform routine reviews that compare security configurations to widely accepted references
Address each risk scenario based on evolving conditions without a preset framework
Rely on a standardized policy that aligns with organizational needs
Mandate encryption standards for devices based on organizational priorities
Conducting regular reviews against respected sources provides a clear way to track improvements and maintain consistent program growth. The other approaches do not compare configurations directly to any recognized baseline or do so in a consistent and structured manner, making it harder to demonstrate meaningful gains over time.