CISSP – Information Systems Security Management Professional (ISSMP) — Question 19

Which of the following governance bodies provides management, operational and technical controls to satisfy security requirements?

Answer options

• A. Senior Management
• B. Business Unit Manager
• C. Information Security Steering Committee
• D. Chief Information Security Officer

Correct answer: A

Explanation

The correct answer is A, Senior Management, as they are responsible for establishing and enforcing policies that ensure security controls are in place. The other options, while important, do not have the overarching authority to implement these controls across the organization.