Certified Information Security Manager (CISM) — Question 219

An information security manager is implementing a bring your own device (BYOD) program. Which of the following would BEST ensure that users adhere to the security standards?

Answer options

• A. Publish the standards on the intranet landing page.
• B. Deploy a device management solution.
• C. Establish an acceptable use policy.
• D. Monitor user activities on the network.

Correct answer: C

Explanation

Establishing an acceptable use policy (C) is crucial as it clearly outlines the security expectations for users, promoting compliance. While publishing standards (A) and deploying a device management solution (B) can help, they do not directly enforce adherence. Monitoring user activities (D) is reactive rather than proactive in ensuring compliance.