Certified Chief Information Security Officer (CCISO) — Question 111

Which of the following is MOST important when dealing with an Information Security Steering committee?

Answer options

• A. Ensure that security policies and procedures have been vetted and approved.
• B. Review all past audit and compliance reports.
• C. Include a mix of members from different departments and staff levels.
• D. Be briefed about new trends and products at each meeting by a vendor.

Correct answer: B

Explanation

The correct answer is B because reviewing past audit and compliance reports is essential for understanding previous security gaps and ensuring that the committee can make informed decisions. While options A, C, and D are important, they do not hold the same level of critical importance in the context of ensuring the committee's effectiveness in addressing security concerns.