Which of the following is responsible for legal and regulatory liability?
A . Chief security officer (CSO)
B . Chief legal counsel (CLC)
C . Board and senior management
D . Information security steering group
Answer: C
Explanation:
The board of directors and senior management are ultimately responsible for all that happens in the organization. The others are not individually liable for failures of security in the organization.