CISA Certified Information Systems Auditor – Question0607

Within a security governance framework, which of the following is the MOST important characteristic of the information security committee? The committee:

A.
conducts frequent reviews of the security policy.
B. includes a mix of members from all levels of management.
C. has a clearly defined charter and meeting protocols.
D. has established relationships with external professionals.

Correct Answer: B