nerdexam
ExamsCISAQuestions#440
IsacaIsaca

CISA · Question #440

CISA Question #440: Real Exam Question with Answer & Explanation

The correct answer is D: integrate it into the security awareness program. After formal approval, a security policy must be communicated and embedded into organizational culture, typically through awareness training, so that all employees understand and adhere to its

Submitted by deeparc· Apr 18, 2026Governance and Management of IT

Question

Once a security policy is approved by key stakeholders, the NEXT step should be to:

Options

  • Aupdate it according to schedule
  • Bshare it with external auditors
  • Cvalidate it against security standards
  • Dintegrate it into the security awareness program

Explanation

After formal approval, a security policy must be communicated and embedded into organizational culture, typically through awareness training, so that all employees understand and adhere to its

Topics

#Security Policy#Policy Implementation#Security Awareness#IT Governance

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CISA PracticeBrowse All CISA Questions