Certified Chief Information Security Officer (CCISO) — Question 56

Why is it vitally important that senior management endorse a security policy?

Answer options

• A. So that employees will follow the policy directives.
• B. So that they can be held legally accountable.
• C. So that external bodies will recognize the organizations commitment to security.
• D. So that they will accept ownership for security within the organization.

Correct answer: D

Explanation

The correct answer is D because when senior management takes ownership of the security policy, it fosters a culture of accountability and prioritizes security throughout the organization. Options A, B, and C, while relevant, do not address the vital aspect of ownership and responsibility that senior management must have for the policy to be effective.