Certified Information Security Manager (CISM) — Question 628

Which of the following is the BEST way to demonstrate the alignment of the information security strategy with the business strategy?

Answer options

• A. Show the relationship between information security goals and corporate goals.
• B. Compare the allocated budget for business with the information security budget.
• C. Present senior management's approval of information security policies.
• D. Provide evidence that information security is included in the change management process.

Correct answer: A

Explanation

The correct answer, A, highlights the direct correlation between information security goals and corporate goals, illustrating alignment with the business strategy. Options B and C do not directly demonstrate this alignment; they focus on budget comparisons and approvals rather than strategic correlation. Option D, while relevant, does not specifically show how information security aligns with business goals.