Certified Information Security Manager (CISM) — Question 682

To overcome the perception that security is a hindrance to business activities, it is important for an information security manager to:

Answer options

• A. focus on compliance
• B. reiterate the necessity of security
• C. promote the relevance and contribution of security
• D. rely on senior management to enforce security

Correct answer: C

Explanation

The correct answer is C because promoting the relevance and contribution of security helps integrate security as a valuable business component rather than a barrier. Options A and B focus on compliance and necessity, which do not fully address the perception issue. Option D suggests a passive approach, relying on others instead of actively promoting the security's benefits.