Certified Information Security Manager (CISM) — Question 1154

Which of the following is the GREATEST benefit of incorporating information security governance into the corporate governance framework?

Answer options

• A. Management accountability for information security
• B. Improved process resiliency in the event of attacks
• C. Promotion of security-by-design principles to the business
• D. Heightened awareness of information security strategies

Correct answer: A

Explanation

The greatest benefit of incorporating information security governance into the corporate governance framework is management accountability for information security. This ensures that leaders take responsibility for securing information assets, which is essential for effective governance. While the other options contribute to security, they do not directly establish accountability at the management level.