Certified Chief Information Security Officer (CCISO) — Question 71

Ensuring that the actions of a set of people, applications and systems follow the organization's rules is BEST described as:

Answer options

• A. Compliance management
• B. Security management
• C. Risk management
• D. Mitigation management

Correct answer: A

Explanation

The correct answer is A, Compliance management, as it specifically focuses on adhering to laws, regulations, and internal policies. Security management (B) pertains to protecting information and assets, while risk management (C) involves identifying and mitigating potential threats. Mitigation management (D) is not a standard term used to describe organizational adherence to rules.