Certified Information Security Manager (CISM) — Question 871

Which of the following would be the BEST way to maintain organization-wide support for an information security strategy?

Answer options

• A. Ensure information security objectives are understood by key stakeholders.
• B. Monitor user activity to identify and track information security policy violations.
• C. Place information security awareness materials in visible locations.
• D. Ensure information security policies are easily accessible.

Correct answer: A

Explanation

The correct answer is A because ensuring that key stakeholders understand the information security objectives fosters commitment and alignment with the strategy. Options B, C, and D are important but do not directly engage stakeholders or ensure their support for the overall strategy.