CISSP-ISSEP · Question #215
Which of the following is a subset discipline of Corporate Governance focused on information security systems and their performance and risk management?
The correct answer is C. ISG. ISG (Information Security Governance) is a subset discipline of Corporate Governance specifically concerned with aligning information security strategies with business objectives, managing security-related risks, and measuring the performance of security systems - making C the on
Question
Which of the following is a subset discipline of Corporate Governance focused on information security systems and their performance and risk management?
Options
- AComputer Misuse Act
- BClinger-Cohen Act
- CISG
- DLanham Act
How the community answered
(57 responses)- A7% (4)
- B4% (2)
- C88% (50)
- D2% (1)
Explanation
ISG (Information Security Governance) is a subset discipline of Corporate Governance specifically concerned with aligning information security strategies with business objectives, managing security-related risks, and measuring the performance of security systems - making C the only governance discipline among the choices.
The other three options are all legislative acts, not governance disciplines: the Computer Misuse Act (A) is UK legislation criminalizing unauthorized computer access; the Clinger-Cohen Act (B) is a US federal law reforming IT acquisition and establishing CIO roles in government agencies; and the Lanham Act (D) is US trademark and unfair competition law - entirely unrelated to information security.
Memory tip: Break down the acronym - Information Security Governance. If the question asks for a governance discipline about security systems and risk, the answer literally spells itself out. Any answer ending in "Act" is legislation, not a governance framework.
Topics
Community Discussion
No community discussion yet for this question.