CISA Certified Information Systems Auditor – Question0602

An information security manager’s PRIMARY objective for presenting key risks to the board of directors is to:

A.
re-evaluate the risk appetite.
B. quantify reputational risks.
C. meet information security compliance requirements.
D. ensure appropriate information security governance.

Correct Answer: D