Certified Chief Information Security Officer (CCISO) — Question 3

The Information Security Governance program MUST:

Answer options

• A. integrate with other organizational governance processes
• B. show a return on investment for the organization
• C. integrate with other organizational governance processes
• D. support user choice for Bring Your Own Device (BYOD)

Correct answer: C

Explanation

The correct answer, C, emphasizes the necessity for the Information Security Governance program to work in harmony with other governance processes in the organization. Options A and C are essentially identical, but only one can be the correct response. Option B, while relevant, is not a requirement for governance programs, and D focuses on user preferences rather than governance integration.