nerdexam
(ISC)2

CISSP-ISSEP · Question #215

Which of the following is a subset discipline of Corporate Governance focused on information security systems and their performance and risk management?

The correct answer is C. ISG. ISG (Information Security Governance) is a subset discipline of Corporate Governance specifically concerned with aligning information security strategies with business objectives, managing security-related risks, and measuring the performance of security systems - making C the on

Governance and Training

Question

Which of the following is a subset discipline of Corporate Governance focused on information security systems and their performance and risk management?

Options

  • AComputer Misuse Act
  • BClinger-Cohen Act
  • CISG
  • DLanham Act

How the community answered

(57 responses)
  • A
    7% (4)
  • B
    4% (2)
  • C
    88% (50)
  • D
    2% (1)

Explanation

ISG (Information Security Governance) is a subset discipline of Corporate Governance specifically concerned with aligning information security strategies with business objectives, managing security-related risks, and measuring the performance of security systems - making C the only governance discipline among the choices.

The other three options are all legislative acts, not governance disciplines: the Computer Misuse Act (A) is UK legislation criminalizing unauthorized computer access; the Clinger-Cohen Act (B) is a US federal law reforming IT acquisition and establishing CIO roles in government agencies; and the Lanham Act (D) is US trademark and unfair competition law - entirely unrelated to information security.

Memory tip: Break down the acronym - Information Security Governance. If the question asks for a governance discipline about security systems and risk, the answer literally spells itself out. Any answer ending in "Act" is legislation, not a governance framework.

Topics

#ISG#Information Security Governance#Corporate Governance#Risk Management

Community Discussion

No community discussion yet for this question.

Full CISSP-ISSEP Practice