Certified Information Security Manager (CISM) — Question 819

Which of the following contributes MOST to the effectiveness of information security governance?

Answer options

• A. Properly managed risk
• B. Alignment with technology strategy
• C. Stakeholder commitment
• D. A defined security policy

Correct answer: C

Explanation

Stakeholder commitment is crucial because it ensures that everyone involved is dedicated to security initiatives, which drives the overall effectiveness of governance. While properly managed risk, alignment with technology strategy, and a defined security policy are important, they rely on stakeholder buy-in to be truly effective.