CompTIA Security+ (SY0-701) — Question 526

Which of the following is the most important element when defining effective security governance?

Answer options

• A. Discovering and documenting external considerations
• B. Developing procedures for employee onboarding and offboarding
• C. Assigning roles and responsibilities for owners, controllers, and custodians
• D. Defining and monitoring change management procedures

Correct answer: C

Explanation

The correct answer, C, is crucial because clearly defined roles and responsibilities ensure accountability and effective security management. Options A and B are important for security but do not directly relate to governance structure, while D focuses on change management, which is a subset of governance rather than a foundational element.