nerdexam
(ISC)2

CAP · Question #345

Which of the following governance bodies directs and coordinates implementations of the information security program?

The correct answer is D. Chief Information Security Officer. The Chief Information Security Officer (CISO) is the executive-level role responsible for directing, coordinating, planning, and organizing information security activities across the enterprise. The CISO oversees the implementation of the information security program and ensures

Security and Privacy Governance, Risk Management, and Compliance Program

Question

Which of the following governance bodies directs and coordinates implementations of the information security program?

Options

  • AInformation Security Steering Committee
  • BSenior Management
  • CBusiness Unit Manager
  • DChief Information Security Officer

How the community answered

(50 responses)
  • A
    2% (1)
  • B
    4% (2)
  • C
    6% (3)
  • D
    88% (44)

Explanation

The Chief Information Security Officer (CISO) is the executive-level role responsible for directing, coordinating, planning, and organizing information security activities across the enterprise. The CISO oversees the implementation of the information security program and ensures alignment with organizational objectives and regulatory requirements. While the Information Security Steering Committee provides high-level strategic governance and oversight, it is the CISO who is accountable for actually directing and coordinating day-to-day and program-level implementation. Senior Management sets the tone and provides authority, and Business Unit Managers execute within their domains, but neither directs the overall security program.

Topics

#CISO roles#Information security program management#Governance#Security leadership

Community Discussion

No community discussion yet for this question.

Full CAP Practice