nerdexam
EC-Council

312-50V11 · Question #280

A security policy will be more accepted by employees if it is consistent and has the support of

The correct answer is B. executive management.. Security policies gain broader organizational acceptance and enforceability when they carry the visible backing of executive management, whose authority creates a top-down mandate for compliance.

Information Security and Ethical Hacking Fundamentals

Question

A security policy will be more accepted by employees if it is consistent and has the support of

Options

  • Acoworkers.
  • Bexecutive management.
  • Cthe security officer.
  • Da supervisor.

How the community answered

(26 responses)
  • A
    4% (1)
  • B
    96% (25)

Why each option

Security policies gain broader organizational acceptance and enforceability when they carry the visible backing of executive management, whose authority creates a top-down mandate for compliance.

Acoworkers.

Coworker support can create a positive security culture but does not carry the authority or organizational weight needed to mandate compliance with formal policy.

Bexecutive management.Correct

Executive management sponsorship signals that security policy is an organizational priority, not just an IT recommendation, which motivates employees at all levels to comply. Without executive backing, employees may view policies as optional or low-priority. This is a foundational principle in security governance frameworks such as ISO 27001 and NIST SP 800-12, both of which require management commitment as a prerequisite to an effective security program.

Cthe security officer.

The security officer is responsible for developing and advocating the policy, but lacks the cross-departmental authority that executive management holds to compel acceptance.

Da supervisor.

Supervisors can reinforce compliance within their teams, but their authority is limited in scope and does not substitute for an organization-wide executive mandate.

Concept tested: Security policy governance - executive management support

Source: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-12.pdf

Topics

#security policy#executive management#policy enforcement#organizational security

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice