CISSP-ISSEP · Question #197
Which of the following individuals informs all C&A participants about life cycle actions, security requirements, and documented user needs?
The correct answer is D. IS program manager. Option D is correct because the IS Program Manager holds the coordination role within the C&A process - they are responsible for informing all participants about system life cycle actions, security requirements, and documented user needs, ensuring everyone operates with consisten
Question
Which of the following individuals informs all C&A participants about life cycle actions, security requirements, and documented user needs?
Options
- AUser representative
- BDAA
- CCertification Agent
- DIS program manager
How the community answered
(46 responses)- A2% (1)
- B7% (3)
- C4% (2)
- D87% (40)
Explanation
Option D is correct because the IS Program Manager holds the coordination role within the C&A process - they are responsible for informing all participants about system life cycle actions, security requirements, and documented user needs, ensuring everyone operates with consistent, up-to-date information throughout the process.
Why the distractors are wrong:
- A (User Representative) advocates for end-user needs but does not have the coordinating authority to brief all C&A participants on lifecycle and security requirements.
- B (DAA/Designated Approving Authority) holds the ultimate authority to approve or deny system operation, but their role is decision-making, not participant communication.
- C (Certification Agent) conducts the technical security evaluation, but their focus is assessment - not informing the broader team about lifecycle actions and user needs.
Memory tip: Think of the IS Program Manager as the hub of a wheel - all the spokes (participants) connect through them. The "P" in Program Manager stands for the one who keeps everyone on the same Page about the Program's lifecycle, security requirements, and user needs.
Topics
Community Discussion
No community discussion yet for this question.