CISM Certified Information Security Manager – Question0562

Which of the following should be the PRIMARY goal of an information security manager when designing information security policies?

A.
Reducing organizational security risk
B. Improving the protection of information
C. Minimizing the cost of security controls
D. Achieving organizational objectives

Correct Answer: D