CISA Certified Information Systems Auditor – Question2279 - CISA Certified Information Systems Auditor

Who is ultimately accountable for the development of an IS security policy?

A. The board of directors
B. Middle management
C. Security administrators
D. Network administrators

Correct Answer: A

Explanation:

Explanation:
The board of directors is ultimately accountable for the development of an IS security policy.