Certified Chief Information Security Officer (CCISO) — Question 110

The FIRST step in establishing a security governance program is to?

Answer options

• A. Obtain senior level sponsorship
• B. Conduct a workshop for all end users.
• C. Conduct a risk assessment.
• D. Prepare a security budget.

Correct answer: A

Explanation

The correct answer, A, emphasizes the importance of obtaining support from senior management, as their backing is crucial for the program's success. Options B, C, and D, while important steps in the governance process, should follow the establishment of senior sponsorship to ensure adequate resources and authority.