CISA Certified Information Systems Auditor – Question0603

Which of the following is the MOST effective way of ensuring that business units comply with an information security governance framework?

A.
Conducting information security awareness training
B. Performing security assessments and gap analyses
C. Integrating security requirements with processes
D. Conducting a business impact analysis (BIA)

Correct Answer: C