Certified Information Security Manager (CISM) — Question 335

Which of the following is the BEST evidence of alignment between corporate and information security governance?

Answer options

• A. Security key performance indicators (KPIs)
• B. Senior management sponsorship
• C. Regular security policy reviews
• D. Project resource optimization

Correct answer: B

Explanation

The correct answer is B, as senior management sponsorship demonstrates a commitment to aligning security initiatives with corporate objectives. While security KPIs, regular policy reviews, and resource optimization are important, they do not directly indicate the level of support and alignment from senior management, which is crucial for effective governance.