Certified Information Security Manager (CISM) — Question 278

Which of the following is MOST important to the successful implementation of an information security program?

Answer options

• A. Key performance indicators (KPIs) are defined.
• B. Adequate security resources are allocated to the program.
• C. A balanced scorecard is approved by the steering committee.
• D. The program is developed using global security standards.

Correct answer: B

Explanation

The correct answer, B, highlights the necessity of allocating sufficient resources to ensure the program can effectively operate and meet its objectives. While KPIs, a balanced scorecard, and adherence to global standards are important, they do not replace the fundamental need for adequate resources to support the program's activities and initiatives.