The MOST appropriate role for senior management in supporting information security is the:

CISM 0 Comments

The MOST appropriate role for senior management in supporting information security is the:
A . evaluation of vendors offering security products.
B . assessment of risks to the organization.
C . approval of policy statements and funding.
D . monitoring adherence to regulatory requirements.

Answer: C

Explanation:

Since the members of senior management are ultimately responsible for information security, they are the ultimate decision makers in terms of governance and direction. They are responsible for approval of major policy statements and requests to fund the information security practice. Evaluation of vendors, assessment of risks and monitoring compliance with regulatory requirements are day-to-day responsibilities of the information security manager; in some organizations, business management is involved in these other activities, though their primary role is direction and governance.

Latest CISM Dumps Valid Version with 1327 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Instant Download CISM PDF     CISM Questions Online Training
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments