CISA Certified Information Systems Auditor – Question0467

Which of the following is the BEST approach to make strategic information security decisions?

A.
Establish regular information security status reporting
B. Establish business unit security working groups
C. Establish periodic senior management meetings
D. Establish an information security steering committee

Correct Answer: D