Home » Isaca » CISM » Information security policy enforcement is the responsibility of the:
Information security policy enforcement is the responsibility of the:
A. security steering committee.
B. chief information officer (CIO).
C. chief information security officer (CISO).
D. chief compliance officer (CCO).
Correct Answer: C
Explanation/Reference:
Explanation:
Information security policy enforcement is the responsibility of the chief information security officer (CISO), first and foremost. The board of directors and executive management should ensure that a security policy is in line with corporate objectives. The chief information officer (CIO) and the chief compliance officer (CCO) are involved in the enforcement of the policy but are not directly responsible for it.
|
Download Printable PDF. VALID exam to help you PASS.
|
 |
