Which of the following would BEST ensure the success of information security governance within an organization?

Posted by: Pdfprep Category: CISM

Which of the following would BEST ensure the success of information security governance within an organization?
A. Steering committees approve security projects
B. Security policy training provided to all managers
C. Security training available to all employees on the intranet
D. Steering committees enforce compliance with laws and regulations

Answer: A

Explanation:

The existence of a steering committee that approves all security projects would be an indication of the existence of a good governance program. Compliance with laws and regulations is part of the responsibility of the steering committee, but it is not a full answer. Awareness training is important at all levels in any medium, and is also an indicator of good governance. However, it must be guided and approved as a security project by the steering committee.
