Certified Information Security Manager (CISM) — Question 378

Which of the following is the BEST way to ensure that organizational security policies comply with data security regulatory requirements?

Answer options

• A. Obtain annual sign-off from executive management.
• B. Align the policies to the most stringent global regulations.
• C. Send the policies to stakeholders for review.
• D. Outsource compliance activities.

Correct answer: B

Explanation

The correct answer is B because aligning policies with the most stringent global regulations ensures comprehensive compliance with various data security standards. Options A, C, and D may contribute to compliance but do not guarantee adherence to the highest regulatory requirements.