CISM Certified Information Security Manager – Question0955
Which of the following is the MOST appropriate individual to implement and maintain the level of information security needed for a specific business application? A. System analyst B. Quality control manager C. Process owner D. Information security manager
Correct Answer: C
Explanation:
Explanation:
Process owners implement information protection controls as determined by the business’ needs. Process owners have the most knowledge about security requirements for the business application for which they are responsible. The system analyst, quality control manager, and information security manager do not possess the necessary knowledge or authority to implement and maintain the appropriate level of business security.
Please disable your adblocker or whitelist this site!