CISM Certified Information Security Manager – Question0005 - CISM Certified Information Security Manager

Information security governance is PRIMARILY driven by:

A. technology constraints.
B. regulatory requirements.
C. litigation potential.
D. business strategy.

Correct Answer: D

Explanation:

Explanation: Governance is directly tied to the strategy and direction of the business. Technology constraints, regulatory requirements and litigation potential are all important factors, but they are necessarily in line with the business strategy.