CISSP Question #215: Real Exam Question with Answer & Explanation

The correct answer is A: poor governance over security processes and procedures. The best example of weak management commitment to the protection of security assets and resources is poor governance over security processes and procedures. Governance is the set of policies, roles, responsibilities, and processes that guide, direct, and control how an organizati

Submitted by kevin_r· Mar 5, 2026Security and Risk Management

Question

Which of the following is the BEST example of weak management commitment to the protection of security assets and resources?

Options

Apoor governance over security processes and procedures
Bimmature security controls and procedures
Cvariances against regulatory requirements
Dunanticipated increases in security incidents and threats

Explanation

The best example of weak management commitment to the protection of security assets and resources is poor governance over security processes and procedures. Governance is the set of policies, roles, responsibilities, and processes that guide, direct, and control how an organization's business divisions and IT teams cooperate to achieve business goals. Management commitment is essential for effective governance, as it demonstrates the leadership and support for security initiatives and activities. Poor governance indicates that management does not prioritize security, allocate sufficient resources, enforce accountability, or monitor

Topics

#security governance#management commitment#security posture#risk management

Community Discussion

No community discussion yet for this question.

Full CISSP Practice Browse All CISSP Questions