CISM Certified Information Security Manager – Question0620

Which of the following is MOST critical to the successful implementation of information security within an organizational?

A.
The information security manager is responsible for setting information security policy
B. Strong risk management skills exist within the information security group
C. Budget is allocated for information security tools
D. Security is effectively marketed to all managers and employees

Correct Answer: D