PECB Lead Implementer (ISO/IEC 27001) — Question 59

What is the next step that Operaze’s ISMS implementation team should take after drafting the information security policy? Refer to scenario 5.

Answer options

Correct answer: B

Explanation

The correct answer is B because obtaining top management's approval is crucial to ensure that the policy has the necessary backing and resources for implementation. Options A and C are premature steps that should only occur after securing this approval.