Certified Information Security Manager (CISM) — Question 487

In addition to executive sponsorship and business alignment, which of the following is MOST critical for information security governance?

Answer options

• A. Ownership of security
• B. Auditability of systems
• C. Allocation of training resources
• D. Compliance with policies

Correct answer: A

Explanation

Ownership of security is crucial because it ensures that there is accountability and responsibility for security measures within the organization. While auditability, training resources, and compliance are important, they all depend on having clear ownership to be effectively managed and implemented.