Certified Information Systems Security Professional (CISSP) — Question 72

Which organizational department is ultimately responsible for information governance related to e-mail and other e-records?

Answer options

• A. Legal
• B. Audit
• C. Compliance
• D. Security

Correct answer: A

Explanation

The Legal department is tasked with ensuring that the organization complies with laws and regulations regarding information governance, particularly for e-mail and electronic records. The Audit, Compliance, and Security departments play supportive roles but do not have the ultimate authority over information governance.