CAP · Question #345
Which of the following governance bodies directs and coordinates implementations of the information security program?
The correct answer is D. Chief Information Security Officer. The Chief Information Security Officer (CISO) is the executive-level role responsible for directing, coordinating, planning, and organizing information security activities across the enterprise. The CISO oversees the implementation of the information security program and ensures
Question
Which of the following governance bodies directs and coordinates implementations of the information security program?
Options
- AInformation Security Steering Committee
- BSenior Management
- CBusiness Unit Manager
- DChief Information Security Officer
How the community answered
(50 responses)- A2% (1)
- B4% (2)
- C6% (3)
- D88% (44)
Explanation
The Chief Information Security Officer (CISO) is the executive-level role responsible for directing, coordinating, planning, and organizing information security activities across the enterprise. The CISO oversees the implementation of the information security program and ensures alignment with organizational objectives and regulatory requirements. While the Information Security Steering Committee provides high-level strategic governance and oversight, it is the CISO who is accountable for actually directing and coordinating day-to-day and program-level implementation. Senior Management sets the tone and provides authority, and Business Unit Managers execute within their domains, but neither directs the overall security program.
Topics
Community Discussion
No community discussion yet for this question.