CISM Certified Information Security Manager – Question0126
Effective IT governance is BEST ensured by: A. utilizing a bottom-up approach. B. management by the IT department. C. referring the matter to the organization's legal department. D. utilizing a top-down approach.
Correct Answer: D
Explanation:
Explanation:
Effective IT governance needs to be a top-down initiative, with the board and executive management setting clear policies, goals and objectives and providing for ongoing monitoring of the same. Focus on the regulatory issues and management priorities may not be reflected effectively by a bottom-up approach. IT governance affects the entire organization and is not a matter concerning only the management of IT. The legal department is part of the overall governance process, but cannot take full responsibility.
Please disable your adblocker or whitelist this site!