CISM Certified Information Security Manager – Question 0301

Which of the following is the BEST method to ensure the overall effectiveness of a risk management program?

A. User assessments of changes
B. Comparison of the program results with industry standards
C. Assignment of risk within the organization
D. Participation by all members of the organization

Correct Answer: D

Explanation: Effective risk management requires participation, support and acceptance by all applicable members of the organization, beginning with the executive levels. Personnel must understand their responsibilities and be trained on how to fulfill their roles.