Certified Information Security Manager (CISM) — Question 1229

Which of the following BEST indicates senior management support for an information security program?

Answer options

• A. Top-down communication
• B. Regular security awareness training
• C. Participation in a certification program
• D. Steering committee involvement

Correct answer: D

Explanation

The correct answer is D because involvement in a steering committee demonstrates active participation and commitment from senior management to the information security program. Options A, B, and C, while beneficial, do not directly reflect senior management's support as effectively as their involvement in strategic decision-making processes like a steering committee.