CISA Certified Information Systems Auditor – Question0608

The PRIMARY purpose of aligning information security with corporate governance objectives is to:

A.
identify an organization’s tolerance for risk.
B. re-align roles and responsibilities.
C. build capabilities to improve security processes.
D. consistently manage significant areas of risk.

Correct Answer: C