Certified Information Security Manager (CISM) — Question 970

Which of the following is MOST helpful for determining priorities when creating a long-term information security roadmap?

Answer options

• A. The organization's information security framework
• B. Information security steering committee input
• C. Enterprise architecture (EA)
• D. Industry best practices

Correct answer: B

Explanation

The input from the information security steering committee is crucial as it reflects the organization's strategic goals and priorities, making it the most pertinent for roadmap development. While the other options provide valuable information and guidelines, they may not directly align with the specific priorities of the organization like the steering committee's input does.