Certified Information Security Manager (CISM) — Question 1167

Which of the following is the MOST important step when establishing guidelines for the use of social networking sites in an organization?

Answer options

• A. Identify secure social networking sites
• B. Establish disciplinary actions for noncompliance
• C. Perform a vulnerability assessment
• D. Define acceptable information for posting

Correct answer: D

Explanation

Defining acceptable information for posting is crucial as it sets the standards for what can be shared, ensuring the protection of the organization's reputation and sensitive information. While identifying secure sites and establishing disciplinary actions are important, they do not directly address the content that employees can share. Performing a vulnerability assessment, though useful for security, is not focused on the guidelines for social media use.