nerdexam
(ISC)2

CISSP-ISSMP · Question #192

Which of the following governance bodies provides management, operational and technical controls to satisfy security requirements?

The correct answer is A. Senior Management. Senior Management holds ultimate accountability for the organization's security posture and is responsible for ensuring that appropriate management, operational, and technical controls are implemented to satisfy security requirements. They set the tone at the top, approve securit

Security Leadership and Management

Question

Which of the following governance bodies provides management, operational and technical controls to satisfy security requirements?

Options

  • ASenior Management
  • BBusiness Unit Manager
  • CInformation Security Steering Committee
  • DChief Information Security Officer

How the community answered

(50 responses)
  • A
    92% (46)
  • B
    4% (2)
  • C
    2% (1)
  • D
    2% (1)

Explanation

Senior Management holds ultimate accountability for the organization's security posture and is responsible for ensuring that appropriate management, operational, and technical controls are implemented to satisfy security requirements. They set the tone at the top, approve security policies, allocate budgets, and accept residual risk on behalf of the organization. While the CISO (D) advises and implements, the Information Security Steering Committee (C) guides strategy, and Business Unit Managers (B) oversee departmental compliance, it is Senior Management that is formally accountable for ensuring controls exist and are adequate across all three categories - management, operational, and technical - as recognized by frameworks like NIST SP 800-53.

Topics

#Security Governance#Organizational Roles#Senior Management Responsibility#Security Controls

Community Discussion

No community discussion yet for this question.

Full CISSP-ISSMP Practice