Certified Chief Information Security Officer (CCISO) — Question 101

Control Objectives for Information and Related Technology (COBIT) is which of the following?

Answer options

• A. An audit guideline for certifying secure systems and controls
• B. An information Security audit standard
• C. A framework for Information Technology management and governance
• D. A set of international regulations for Information Technology governance

Correct answer: C

Explanation

The correct answer is C, as COBIT is specifically designed to provide a comprehensive framework for managing and governing IT effectively. Options A and B describe auditing standards, which COBIT is not, while option D incorrectly categorizes COBIT as a set of regulations rather than a management framework.