CISA Certified Information Systems Auditor – Question0546

Which of the following is a PRIMARY responsibility of an information security governance committee?

A.
Approving the purchase of information security technologies
B. Approving the information security awareness training strategy
C. Reviewing the information security strategy
D. Analyzing information security policy compliance reviews

Correct Answer: C