CISM Certified Information Security Manager – Question1168

The MOST important reason for an information security manager to be involved in the change management process is to ensure that:

A.
security controls are updated regularly.
B. potential vulnerabilities are identified.
C. risks have been evaluated.
D. security controls drive technology changes.

Correct Answer: D