Which of the following is the BEST way to determine if an information security program aligns with corporate governance?

Posted by: Pdfprep Category: CISM Tags: , ,

Which of the following is the BEST way to determine if an information security program aligns with corporate governance?
A . Evaluate funding for security initiatives
B . Survey end users about corporate governance
C . Review information security policies
D . Review the balanced scorecard

Answer: C

Explanation:

Explanation One of the most important aspects of the action plan to execute the strategy is to create or modify, as needed, policies and standards. Policies are one of the primary elements of governance and each policy should state only one general security mandate. The road map should show the steps and the sequence, dependencies, and milestones.

Leave a Reply

Your email address will not be published.