CISA Certified Information Systems Auditor – Question0645

Which of the following is the MOST effective way to ensure security policies are relevant to organizational business practices?

A.
Leverage security steering committee contribution.
B. Obtain senior management sign-off.
C. Integrate industry best practices.
D. Conduct an organization-wide security audit.

Correct Answer: B