Certified Information Security Manager (CISM) — Question 546

Which of the following is the BEST way to strengthen the alignment of an information security program with business strategy?

Answer options

• A. Establishing an information security steering committee
• B. Increasing the frequency of control assessments
• C. Providing organizational training on information security policies
• D. Increasing budget for risk assessments

Correct answer: A

Explanation

Establishing an information security steering committee is the best option as it directly involves key stakeholders in aligning security initiatives with business objectives. The other options, while beneficial, do not facilitate strategic alignment to the same extent; they focus more on operational aspects rather than integrating security with business strategy.