The risk subcommittee of a corporate board typically maintains a master register of the most prominent risks to the company. A centralized holistic view of risk is particularly important to the corporate Chief Information Security Officer (CISO) because:
A . IT systems are maintained in silos to minimize interconnected risks and provide clear risk boundaries used to implement compensating controls
B . risks introduced by a system in one business unit can affect other business units in ways in which the individual business units have no awareness
C . corporate general counsel requires a single system boundary to determine overall corporate risk exposure
D . major risks identified by the subcommittee merit the prioritized allocation of scare funding to address cybersecurity concerns
Answer: A
Leave a Reply