Certified Information Systems Auditor (CISA) — Question 1016

Which of the following is the MAIN responsibility of the IT steering committee?

Answer options

• A. Developing and implementing the secure system development framework
• B. Implementing processes to integrate security with business objectives
• C. Developing and assessing the IT security strategy
• D. Reviewing and assisting with IT strategy integration efforts

Correct answer: D

Explanation

The correct answer is D because the IT steering committee's primary role is to oversee and facilitate the alignment of IT strategy with the overall business strategy. Options A, B, and C describe specific tasks related to security and strategy development, but they do not capture the broader responsibility of the committee to review and assist with strategy integration.