CISA Certified Information Systems Auditor – Question0543

Which of the following BEST demonstrates effective information security management within an organization?

A.
Employees support decisions made by information security management.
B. Excessive risk exposure in one department can be absorbed by other departments.
C. Information security governance is incorporated into organizational governance.
D. Control ownership is assigned to parties who can accept losses related to control failure.

Correct Answer: C