Certified Information Security Manager (CISM) — Question 767
An information security manager has contracted with a company to design security architecture for an application. Which of the following is accountable for identification associated with this initiative?
Answer options
- A. The project steering committee
- B. The information security manager
- C. The infrastructure management team
- D. The application development team
Correct answer: B
Explanation
The information security manager is accountable for overseeing the security architecture initiative, which includes identifying relevant security requirements. The other options, while involved in the project, do not hold the primary responsibility for identification in the context of security architecture.