Certified Information Security Manager (CISM) — Question 347
Which of the following is MOST helpful for aligning security operations with the IT governance framework?
Answer options
- A. Business impact analysis (BIA)
- B. Security operations program
- C. Information security policy
- D. Security risk assessment
Correct answer: C
Explanation
The Information security policy is essential as it provides the framework and guidelines that align security operations with the overall IT governance framework. The other options, while important, do not specifically address the alignment aspect as directly as the information security policy does.