Certified Secure Software Lifecycle Professional (CSSLP) — Question 3
Which of the following individuals inspects whether the security policies, standards, guidelines, and procedures are efficiently performed in accordance with the company's stated security objectives?
Answer options
- A. Information system security professional
- B. Data owner
- C. Senior management
- D. Information system auditor
Correct answer: A
Explanation
The information system security professional is tasked with ensuring that security measures align with the company's objectives. The data owner is responsible for data management rather than security policy enforcement, senior management focuses on overall governance, and the information system auditor typically reviews compliance rather than actively ensuring that policies are carried out.