CISM Certified Information Security Manager – Question0051
From an information security manager perspective, what is the immediate benefit of clearly-defined roles and responsibilities? A. Enhanced policy compliance B. Improved procedure flows C. Segregation of duties D. Better accountability
Correct Answer: D
Explanation:
Explanation:
Without well-defined roles and responsibilities, there cannot be accountability. Choice A is incorrect because policy compliance requires adequately defined accountability first and therefore is a byproduct. Choice B is incorrect because people can be assigned to execute procedures that are not well designed. Choice C is incorrect because segregation of duties is not automatic, and roles may still include conflicting duties.
Please disable your adblocker or whitelist this site!